1 files changed, 34 insertions, 0 deletions
diff --git a/web/middleware/api_auth.go b/web/middleware/api_auth.go
new file mode 100644
index 0000000..b854297
--- /dev/null
+++ b/web/middleware/api_auth.go
@@ -0,0 +1,34 @@
+package middleware
+import (
+        "net/http"
+        "strings"
+        "github.com/gin-gonic/gin"
+)
+const API_AUTH_USER_KEY = "APIAuthUserKey"
+func ApiAuthMiddleware(c *gin.Context) {
+        cfg := GetServerConfig(c)
+        auth := strings.Split(c.Request.Header.Get("Authorization"), " ")
+        if len(auth) != 2 || auth[0] != "Bearer" {
+                c.AbortWithStatus(http.StatusUnauthorized)
+                return
+        }
+        if user, ok := cfg.ApiSecrets[auth[1]]; ok {
+                c.Set(API_AUTH_USER_KEY, user)
+        } else {
+                c.AbortWithStatus(http.StatusUnauthorized)
+                return
+        }
+        c.Next()
+}
+func GetAPIAuthUser(c *gin.Context) string {
+        return c.GetString(API_AUTH_USER_KEY)
+}

diff --git a/web/middleware/api_auth.go b/web/middleware/api_auth.go new file mode 100644 index 0000000..b854297 --- /dev/null +++ b/web/middleware/api_auth.go
@@ -0,0 +1,34 @@
	1	package middleware
	2
	3	import (
	4	"net/http"
	5	"strings"
	6
	7	"github.com/gin-gonic/gin"
	8	)
	9
	10	const API_AUTH_USER_KEY = "APIAuthUserKey"
	11
	12	func ApiAuthMiddleware(c *gin.Context) {
	13	cfg := GetServerConfig(c)
	14
	15	auth := strings.Split(c.Request.Header.Get("Authorization"), " ")
	16
	17	if len(auth) != 2 \|\| auth[0] != "Bearer" {
	18	c.AbortWithStatus(http.StatusUnauthorized)
	19	return
	20	}
	21
	22	if user, ok := cfg.ApiSecrets[auth[1]]; ok {
	23	c.Set(API_AUTH_USER_KEY, user)
	24	} else {
	25	c.AbortWithStatus(http.StatusUnauthorized)
	26	return
	27	}
	28
	29	c.Next()
	30	}
	31
	32	func GetAPIAuthUser(c *gin.Context) string {
	33	return c.GetString(API_AUTH_USER_KEY)
	34	}