feat(api-documentation): adds top-level security

saves users from repeatedly entering the access code for every protected endpoint

API/auth/__init__.py

@@ -1,13 +1,18 @@
 from enum import Enum
 from typing import Union
 
+from fastapi.security import APIKeyHeader
 from fastapi import Depends, Header, HTTPException
 from osm_login_python.core import Auth
 from pydantic import BaseModel, Field
 
 from src.app import Users
 from src.config import get_oauth_credentials
 
+API_Access_Token = APIKeyHeader(
+    name="Access_Token", description="Access Token to Authorize User"
+)
+
 
 class UserRole(Enum):
     ADMIN = 1
@@ -34,7 +39,7 @@ def get_user_from_db(osm_id: int):
 def get_osm_auth_user(access_token):
     try:
         user = AuthUser(**osm_auth.deserialize_access_token(access_token))
-    except Exception as ex:
+    except Exception:
         raise HTTPException(
             status_code=403, detail=[{"msg": "OSM Authentication failed"}]
         )
@@ -43,11 +48,15 @@ def get_osm_auth_user(access_token):
     return user
 
 
-def login_required(access_token: str = Header(...)):
+def login_required(access_token: str = Depends(API_Access_Token)):
     return get_osm_auth_user(access_token)
 
 
-def get_optional_user(access_token: str = Header(default=None)) -> AuthUser:
+def get_optional_user(
+    access_token: str = Header(
+        default=None, description="Access Token to Authorize User"
+    ),
+) -> AuthUser:
     if access_token:
         return get_osm_auth_user(access_token)
     else:
@@ -57,7 +66,7 @@ def get_optional_user(access_token: str = Header(default=None)) -> AuthUser:
 
 def admin_required(user: AuthUser = Depends(login_required)):
     db_user = get_user_from_db(user.id)
-    if not db_user["role"] is UserRole.ADMIN.value:
+    if db_user["role"] is not UserRole.ADMIN.value:
         raise HTTPException(status_code=403, detail="User is not an admin")
     return user