Key Vault-gated homepage (no API key header)

Author: yashcodingprodigy

app.py

@@ -1,34 +1,24 @@
-from flask import Flask, request, abort
+from flask import Flask
 from azure.identity import DefaultAzureCredential
 from azure.keyvault.secrets import SecretClient
 import os
 
 app = Flask(__name__)
 
-# Your Key Vault URL (replace with yours)
 KEY_VAULT_URL = "https://yashkeyvaultverysafe.vault.azure.net/"
-
-# Initialize Key Vault client with managed identity
 credential = DefaultAzureCredential()
 client = SecretClient(vault_url=KEY_VAULT_URL, credential=credential)
 
 @app.route("/")
 def home():
     try:
-        # Get secret from Key Vault (executed at request-time, not startup)
-        retrieved_secret = client.get_secret("app-auth-secret").value
-
-        # Get API key from incoming request
-        api_key = request.headers.get('x-api-key')
-
-        # If API key is missing or incorrect, deny access
-        if api_key != retrieved_secret:
-            abort(403, "Invalid API key")
+        # Try to access a secret from Key Vault
+        secret_value = client.get_secret("app-auth-secret").value
 
-        return "✅ Authorized! Access granted."
+        return f"✅ Welcome! Secret loaded from Key Vault: {secret_value}"
 
     except Exception as e:
-        return f"❌ Error: {str(e)}", 500
+        return f"❌ Access denied or error reading from Key Vault:<br><br>{str(e)}", 500
 
 @app.route("/ping")
 def ping():