From 8a010df5ec719079e767d980722db6eac880b61b Mon Sep 17 00:00:00 2001 From: Mcklmo <87199710+Mcklmo@users.noreply.github.com> Date: Tue, 28 Nov 2023 10:44:43 +0100 Subject: [PATCH] [feature] authentication middleware --- cmd/main.go | 2 +- pkg/config/service.go | 2 ++ pkg/http/rest/middleware.go | 11 +++++++++++ pkg/http/rest/routes.go | 3 ++- 4 files changed, 16 insertions(+), 2 deletions(-) diff --git a/cmd/main.go b/cmd/main.go index 55435c4..9f95930 100644 --- a/cmd/main.go +++ b/cmd/main.go @@ -32,6 +32,6 @@ func main() { config.Load("..", &appRepository) virtuosoRepository := virtuoso.NewVirtuosoRepository(appRepository.VirtuosoURL, appRepository.VirtuosoUsername, appRepository.VirtuosoPassword) service := graph.NewService(virtuosoRepository) - router := rest.NewRouter(service, graph.OntologyGraphURI(appRepository.OntologyGraphURI), graph.KnowledgeBaseGraphURI(appRepository.GraphURI)) + router := rest.NewRouter(service, graph.OntologyGraphURI(appRepository.OntologyGraphURI), graph.KnowledgeBaseGraphURI(appRepository.GraphURI), appRepository.APISecret) router.Run(":8000") } diff --git a/pkg/config/service.go b/pkg/config/service.go index 3a67808..aaf3cb9 100644 --- a/pkg/config/service.go +++ b/pkg/config/service.go @@ -21,6 +21,7 @@ type Config struct { OntologyGraphURI GraphURI GraphURI GraphURI TestGraphURI GraphURI + APISecret string VirtuosoUsername string VirtuosoPassword string } @@ -36,6 +37,7 @@ func Load(rootPath string, config *Config) { config.VirtuosoUsername = mustGetENV("VIRTUOSO_USERNAME") config.VirtuosoPassword = mustGetENV("VIRTUOSO_PASSWORD") config.OntologyGraphURI = GraphURI(mustGetENV("VIRTUOSO_ONTOLOGY_GRAPH_URI")) + config.APISecret = mustGetENV("API_SECRET") } func mustGetENV(key string) string { diff --git a/pkg/http/rest/middleware.go b/pkg/http/rest/middleware.go index f67e258..c492bc9 100644 --- a/pkg/http/rest/middleware.go +++ b/pkg/http/rest/middleware.go @@ -21,3 +21,14 @@ func validateGraphParameter(validGraphs []graph.TargetGraph) gin.HandlerFunc { c.Abort() } } + +func authenticate(secret string) gin.HandlerFunc { + return func(c *gin.Context) { + if c.GetHeader("Authorization") != secret { + c.JSON(http.StatusUnauthorized, gin.H{"error": "unauthorized"}) + c.Abort() + return + } + c.Next() + } +} diff --git a/pkg/http/rest/routes.go b/pkg/http/rest/routes.go index 0ba81cc..1ba3590 100644 --- a/pkg/http/rest/routes.go +++ b/pkg/http/rest/routes.go @@ -18,9 +18,10 @@ const ( POST Method = http.MethodPost ) -func NewRouter(s graph.Service, ontologyGraph graph.OntologyGraphURI, knowledgeBaseGraph graph.KnowledgeBaseGraphURI) *gin.Engine { +func NewRouter(s graph.Service, ontologyGraph graph.OntologyGraphURI, knowledgeBaseGraph graph.KnowledgeBaseGraphURI, apiSecret string) *gin.Engine { router := gin.Default() router.Use(validateGraphParameter([]graph.TargetGraph{graph.TargetGraph(ontologyGraph), graph.TargetGraph(knowledgeBaseGraph)})) + router.Use(authenticate(apiSecret)) router.GET(string(Triples), getHandler(s)) router.POST(string(Triples), postHandler(s))