Skip to content

Commit 9ac7ddd

Browse files
fix(auth): explicitly check for missing Authorization header before startswith
Co-authored-by: prashansapkota <prashan.sapkota3456@gmail.com>
1 parent 3f3db63 commit 9ac7ddd

1 file changed

Lines changed: 2 additions & 2 deletions

File tree

src/vllm_router/auth.py

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -54,8 +54,8 @@ async def verify_api_key(request: Request) -> None:
5454
if not allowed_keys:
5555
return
5656

57-
auth_header = request.headers.get("Authorization", "")
58-
if not auth_header.startswith("Bearer "):
57+
auth_header = request.headers.get("Authorization")
58+
if not auth_header or not auth_header.startswith("Bearer "):
5959
raise HTTPException(
6060
status_code=401,
6161
detail="Missing or malformed Authorization header. Expected: Bearer <token>",

0 commit comments

Comments
 (0)