diff options
Diffstat (limited to 'web/middleware/api_auth.go')
-rw-r--r-- | web/middleware/api_auth.go | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/web/middleware/api_auth.go b/web/middleware/api_auth.go new file mode 100644 index 0000000..b854297 --- /dev/null +++ b/web/middleware/api_auth.go | |||
@@ -0,0 +1,34 @@ | |||
1 | package middleware | ||
2 | |||
3 | import ( | ||
4 | "net/http" | ||
5 | "strings" | ||
6 | |||
7 | "github.com/gin-gonic/gin" | ||
8 | ) | ||
9 | |||
10 | const API_AUTH_USER_KEY = "APIAuthUserKey" | ||
11 | |||
12 | func ApiAuthMiddleware(c *gin.Context) { | ||
13 | cfg := GetServerConfig(c) | ||
14 | |||
15 | auth := strings.Split(c.Request.Header.Get("Authorization"), " ") | ||
16 | |||
17 | if len(auth) != 2 || auth[0] != "Bearer" { | ||
18 | c.AbortWithStatus(http.StatusUnauthorized) | ||
19 | return | ||
20 | } | ||
21 | |||
22 | if user, ok := cfg.ApiSecrets[auth[1]]; ok { | ||
23 | c.Set(API_AUTH_USER_KEY, user) | ||
24 | } else { | ||
25 | c.AbortWithStatus(http.StatusUnauthorized) | ||
26 | return | ||
27 | } | ||
28 | |||
29 | c.Next() | ||
30 | } | ||
31 | |||
32 | func GetAPIAuthUser(c *gin.Context) string { | ||
33 | return c.GetString(API_AUTH_USER_KEY) | ||
34 | } | ||