RFC compliant auth header

[agmes4]

Issue

we currently implement our own way to integrate the auth part into the authentication header by just putting authentication: apikey KEY. This is not compliant to any auth methods.

Solution

we should implement RFC 7617 in order to keep the key value pair but introduce also an identification for the API. Something like Flask HTTP Auth can be used.

pycroft/web/api/v0/__init__.py

Lines 67 to 75 in ac4c463

	def parse_authorization_header(value: str | None) -> str | None:
	if not value:
	return None
	try:
	auth_type, api_key = value.split(maxsplit=1)
	return api_key if auth_type.lower() == 'apikey' else None
	except ValueError:
	return None