From 8eb986591acb896c89f94743e8d99936fa74fa67 Mon Sep 17 00:00:00 2001
From: lebaudantoine <lebaud.antoine131@gmail.com>
Date: Sun, 15 Dec 2024 18:52:37 +0100
Subject: [PATCH] =?UTF-8?q?=F0=9F=92=A1(backend)=20warm=20about=20the=20to?=
 =?UTF-8?q?ken=20nature=20of=20Yprovider=20microservice?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Note to the future myself, using a raw token format is
not common. It should be refactor
---
 src/backend/core/services/collaboration_services.py | 1 +
 src/backend/core/services/converter_services.py     | 1 +
 src/frontend/servers/y-provider/src/middlewares.ts  | 1 +
 3 files changed, 3 insertions(+)

diff --git a/src/backend/core/services/collaboration_services.py b/src/backend/core/services/collaboration_services.py
index 9120321d..283a8742 100644
--- a/src/backend/core/services/collaboration_services.py
+++ b/src/backend/core/services/collaboration_services.py
@@ -26,6 +26,7 @@ class CollaborationService:
         # same pod thanks to a parameter
         endpoint_url = f"{settings.COLLABORATION_API_URL}{endpoint}/?room={room}"
 
+        # Note: Collaboration microservice accepts only raw token, which is not recommended
         headers = {"Authorization": settings.COLLABORATION_SERVER_SECRET}
         if user_id:
             headers["X-User-Id"] = user_id
diff --git a/src/backend/core/services/converter_services.py b/src/backend/core/services/converter_services.py
index d140d10f..5213bac8 100644
--- a/src/backend/core/services/converter_services.py
+++ b/src/backend/core/services/converter_services.py
@@ -31,6 +31,7 @@ class YdocConverter:
     @property
     def auth_header(self):
         """Build microservice authentication header."""
+        # Note: Yprovider microservice accepts only raw token, which is not recommended
         return settings.Y_PROVIDER_API_KEY
 
     def convert_markdown(self, text):
diff --git a/src/frontend/servers/y-provider/src/middlewares.ts b/src/frontend/servers/y-provider/src/middlewares.ts
index 49d9b472..11344a27 100644
--- a/src/frontend/servers/y-provider/src/middlewares.ts
+++ b/src/frontend/servers/y-provider/src/middlewares.ts
@@ -25,6 +25,7 @@ export const httpSecurity = (
   }
 
   // Secret API Key check
+  // Note: Changing this header to Bearer token format will break backend compatibility with this microservice.
   const apiKey = req.headers['authorization'];
   if (apiKey !== COLLABORATION_SERVER_SECRET) {
     res.status(403).json({ error: 'Forbidden: Invalid API Key' });