resq_mcp.core.security

Security utilities for the ResQ MCP server. Provides API key verification for authenticated endpoints using FastAPI’s HTTPBearer security scheme for token extraction. Notes: This implementation uses a simple comparison against the configured API_KEY. Production deployments should use secure token storage and validation.

annotations

logging

secrets

HTTPException

Request

status

HTTPBearer

settings

logger

security_scheme

verify_api_key

def verify_api_key(request: Request) -> str

Verify the Bearer token against the configured API_KEY. Used as a dependency for SSE endpoints if wrapping in FastAPI. For FastMCP’s SSE adapter, authentication may need to be handled at the deployment level (Ingress/Gateway) for strict OAuth. Arguments:

request - The incoming FastAPI request.

Returns: The validated API token. Raises:

HTTPException - 401 if missing/invalid auth scheme, 403 if invalid key.

​resq_mcp.core.security

​annotations

​logging

​secrets

​HTTPException

​Request

​status

​HTTPBearer

​settings

​logger

​security_scheme

​verify_api_key