MCPcopy
hub / github.com/mudler/LocalAI / isValidLegacyKey

Function isValidLegacyKey

core/http/auth/middleware.go:540–547  ·  view source on GitHub ↗

isValidLegacyKey checks if the key matches any configured API key using constant-time comparison to prevent timing attacks.

(key string, appConfig *config.ApplicationConfig)

Source from the content-addressed store, hash-verified

538// isValidLegacyKey checks if the key matches any configured API key
539// using constant-time comparison to prevent timing attacks.
540func isValidLegacyKey(key string, appConfig *config.ApplicationConfig) bool {
541 for _, validKey := range appConfig.ApiKeys {
542 if subtle.ConstantTimeCompare([]byte(key), []byte(validKey)) == 1 {
543 return true
544 }
545 }
546 return false
547}
548
549// isExemptPath returns true if the path should skip authentication.
550func isExemptPath(path string, appConfig *config.ApplicationConfig) bool {

Callers 1

MiddlewareFunction · 0.70

Calls

no outgoing calls

Tested by

no test coverage detected