Hiddenden/AegisGitea-MCP
3
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects Releases Wiki Activity

quick fix

Browse Source
This commit is contained in:
Latte
2026-01-31 14:23:51 +01:00
parent 0a2a21cc52
commit 833eb21c79
1 changed files with 20 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/aegis_gitea_mcp/server.py
View File

@@ -57,7 +57,13 @@ TOOL_HANDLERS = {
# Authentication middleware
@app.middleware("http")
async def authenticate_request(request: Request, call_next):
"""Authenticate all requests except health checks and root."""
"""Authenticate all requests except health checks and root.
Supports Mixed authentication mode where:
- /mcp/tools (list tools) is publicly accessible (No Auth)
- /mcp/tool/call (execute tools) requires authentication
- /mcp/sse requires authentication
"""
# Skip authentication for health check and root endpoints
if request.url.path in ["/", "/health"]:
return await call_next(request)
@@ -66,6 +72,10 @@ async def authenticate_request(request: Request, call_next):
if not request.url.path.startswith("/mcp/"):
return await call_next(request)
# Mixed mode: allow /mcp/tools without authentication (for ChatGPT discovery)
if request.url.path == "/mcp/tools":
return await call_next(request)
# Extract client information
client_ip = request.client.host if request.client else "unknown"
user_agent = request.headers.get("user-agent", "unknown")
@@ -75,7 +85,7 @@ async def authenticate_request(request: Request, call_next):
api_key = auth_validator.extract_bearer_token(auth_header)
# Fallback: allow API key via query parameter only for MCP endpoints
if not api_key and request.url.path in {"/mcp/tools", "/mcp/tool/call", "/mcp/sse"}:
if not api_key and request.url.path in {"/mcp/tool/call", "/mcp/sse"}:
api_key = request.query_params.get("api_key")
# Validate API key
@@ -249,6 +259,7 @@ async def sse_endpoint(request: Request) -> StreamingResponse:
Returns:
Streaming SSE response
"""
async def event_stream():
"""Generate SSE events."""
# Send initial connection event
@@ -265,6 +276,7 @@ async def sse_endpoint(request: Request) -> StreamingResponse:
# Wait for next heartbeat (in production, this would handle actual events)
import asyncio
await asyncio.sleep(30)
except Exception as e: