[feature] authentication middleware

Knox-AAU · Nov 28, 2023 · 8a010df · 8a010df
1 parent d1dac92
commit 8a010df
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 2 deletions.
diff --git a/cmd/main.go b/cmd/main.go
@@ -32,6 +32,6 @@ func main() {
 	config.Load("..", &appRepository)
 	virtuosoRepository := virtuoso.NewVirtuosoRepository(appRepository.VirtuosoURL, appRepository.VirtuosoUsername, appRepository.VirtuosoPassword)
 	service := graph.NewService(virtuosoRepository)
-	router := rest.NewRouter(service, graph.OntologyGraphURI(appRepository.OntologyGraphURI), graph.KnowledgeBaseGraphURI(appRepository.GraphURI))
+	router := rest.NewRouter(service, graph.OntologyGraphURI(appRepository.OntologyGraphURI), graph.KnowledgeBaseGraphURI(appRepository.GraphURI), appRepository.APISecret)
 	router.Run(":8000")
 }
diff --git a/pkg/config/service.go b/pkg/config/service.go
@@ -21,6 +21,7 @@ type Config struct {
 	OntologyGraphURI GraphURI
 	GraphURI         GraphURI
 	TestGraphURI     GraphURI
+	APISecret        string
 	VirtuosoUsername string
 	VirtuosoPassword string
 }
@@ -36,6 +37,7 @@ func Load(rootPath string, config *Config) {
 	config.VirtuosoUsername = mustGetENV("VIRTUOSO_USERNAME")
 	config.VirtuosoPassword = mustGetENV("VIRTUOSO_PASSWORD")
 	config.OntologyGraphURI = GraphURI(mustGetENV("VIRTUOSO_ONTOLOGY_GRAPH_URI"))
+	config.APISecret = mustGetENV("API_SECRET")
 }
 
 func mustGetENV(key string) string {

diff --git a/pkg/http/rest/middleware.go b/pkg/http/rest/middleware.go
@@ -21,3 +21,14 @@ func validateGraphParameter(validGraphs []graph.TargetGraph) gin.HandlerFunc {
 		c.Abort()
 	}
 }
+
+func authenticate(secret string) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		if c.GetHeader("Authorization") != secret {
+			c.JSON(http.StatusUnauthorized, gin.H{"error": "unauthorized"})
+			c.Abort()
+			return
+		}
+		c.Next()
+	}
+}
diff --git a/pkg/http/rest/routes.go b/pkg/http/rest/routes.go
@@ -18,9 +18,10 @@ const (
 	POST    Method = http.MethodPost
 )
 
-func NewRouter(s graph.Service, ontologyGraph graph.OntologyGraphURI, knowledgeBaseGraph graph.KnowledgeBaseGraphURI) *gin.Engine {
+func NewRouter(s graph.Service, ontologyGraph graph.OntologyGraphURI, knowledgeBaseGraph graph.KnowledgeBaseGraphURI, apiSecret string) *gin.Engine {
 	router := gin.Default()
 	router.Use(validateGraphParameter([]graph.TargetGraph{graph.TargetGraph(ontologyGraph), graph.TargetGraph(knowledgeBaseGraph)}))
+	router.Use(authenticate(apiSecret))
 	router.GET(string(Triples), getHandler(s))
 	router.POST(string(Triples), postHandler(s))