增加API鉴权

main.py

@@ -1,6 +1,7 @@
 from fastapi import FastAPI, Request
 from fastapi.staticfiles import StaticFiles
 from fastapi.middleware.cors import CORSMiddleware
+from starlette.middleware.sessions import SessionMiddleware
 from contextlib import asynccontextmanager
 import logging
 import os
@@ -10,6 +11,7 @@ from database import init_db
 from mqtt_manager import mqtt_manager
 from api import api_router
 from admin_routes import admin_router
+from auth import APIKeyMiddleware, AdminAuthMiddleware
 
 # 配置日志
 logging.basicConfig(
@@ -51,10 +53,21 @@ async def lifespan(app: FastAPI):
 
 # 创建FastAPI应用
 app = FastAPI(
-    title=settings.app_name,
-    description="基于 FastAPI + MQTT + HTTP/HTTPS + NTP 的轻量级墨水屏显示系统服务端",
+    title="墨水屏桌面屏幕系统 API",
+    description="用于管理墨水屏设备、内容和待办事项的API",
     version="1.0.0",
-    lifespan=lifespan
+    lifespan=lifespan,
+    openapi_components={
+        "securitySchemes": {
+            "APIKeyHeader": {
+                "type": "apiKey",
+                "in": "header",
+                "name": "X-API-Key",
+                "description": "API Key鉴权，请在下方输入正确的API Key"
+            }
+        }
+    },
+    security=[{"APIKeyHeader": []}]
 )
 
 # 添加CORS中间件
@@ -66,11 +79,20 @@ app.add_middleware(
     allow_headers=["*"],
 )
 
+# 添加API Key鉴权中间件
+app.add_middleware(APIKeyMiddleware)
+
+# 添加Admin认证中间件
+app.add_middleware(AdminAuthMiddleware)
+
+# 添加Session中间件
+app.add_middleware(SessionMiddleware, secret_key=settings.secret_key)
+
 # 挂载静态文件
 app.mount("/static", StaticFiles(directory=settings.static_dir), name="static")
 
 # 注册API路由
-app.include_router(api_router)
+app.include_router(api_router, prefix="/api")
 
 # 包含管理后台路由
 app.include_router(admin_router, prefix="/admin", tags=["管理后台"])