From b0f38b4e4e86d473fdb72d662bef046d37ac6070 Mon Sep 17 00:00:00 2001
From: ramnique <30795890+ramnique@users.noreply.github.com>
Date: Wed, 29 Jan 2025 10:45:37 +0530
Subject: [PATCH] fix key check in agents,copilot

---
 apps/agents/src/app/main.py | 3 ++-
 apps/copilot/app.py         | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/apps/agents/src/app/main.py b/apps/agents/src/app/main.py
index cd784367..86cf9201 100644
--- a/apps/agents/src/app/main.py
+++ b/apps/agents/src/app/main.py
@@ -27,7 +27,8 @@ def require_api_key(f):
             return jsonify({'error': 'Missing or invalid authorization header'}), 401
 
         token = auth_header.split('Bearer ')[1]
-        if token != os.environ.get('API_KEY', 'test'):
+        actual = os.environ.get('API_KEY', '').strip()
+        if actual and token != actual:
             return jsonify({'error': 'Invalid API key'}), 403
 
         return f(*args, **kwargs)
diff --git a/apps/copilot/app.py b/apps/copilot/app.py
index 5be23c48..3da6384f 100644
--- a/apps/copilot/app.py
+++ b/apps/copilot/app.py
@@ -34,7 +34,8 @@ def require_api_key(f):
             return jsonify({'error': 'Missing or invalid authorization header'}), 401
 
         token = auth_header.split('Bearer ')[1]
-        if token != os.environ.get('API_KEY', 'test'):
+        actual = os.environ.get('API_KEY', '').strip()
+        if actual and token != actual:
             return jsonify({'error': 'Invalid API key'}), 403
 
         return f(*args, **kwargs)