File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -41,7 +41,19 @@ def decode_session_token(token: str) -> dict[str, Any] | None:
4141
4242
4343def get_current_user (request : Request ) -> dict [str , Any ] | None :
44- """Extract user info from session cookie. Returns None if not authenticated."""
44+ """Extract user info from Bearer API key or session cookie.
45+
46+ Checks Authorization header first (for programmatic access like Home Assistant),
47+ then falls back to session cookie (for browser sessions).
48+ """
49+ # Check Bearer token against CASHPILOT_API_KEY
50+ api_key = os .getenv ("CASHPILOT_API_KEY" , "" )
51+ if api_key :
52+ auth_header = request .headers .get ("Authorization" , "" )
53+ if auth_header == f"Bearer { api_key } :
54+ return {"uid" : 0 , "u" : "api" , "r" : "owner" }
55+
56+ # Fall back to session cookie
4557 token = request .cookies .get (SESSION_COOKIE )
4658 if not token :
4759 return None
You can’t perform that action at this time.
0 commit comments