FEAT: skeleton authN middleware #52

Draft
wants to merge 1 commit into
base: main
3 changes: 2 additions & 1 deletion .env.example
@@ -1,3 +1,4 @@
HOST=localhost
PORT=8080
ALLOWED_ORIGINS=http://localhost:8080
ALLOWED_ORIGINS=http://localhost:8080
AUTH_PROVIDER=none
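--- a/config/config.go
+++ b/config/config.go
@@ -10,6 +10,7 @@ type Config struct {
 Host string
 Port string
 AllowedOrigin string
+AuthProvider string
 }
 
 func New() Config {
@@ -19,6 +20,7 @@ func New() Config {
 Host: host,
 Port: port,
 AllowedOrigin: getEnvDefault("ALLOWED_ORIGINS", fmt.Sprintf("http://%s:%s", host, port)),
+AuthProvider: getEnvDefault("AUTH_PROVIDER", "none"),
 }
 }
 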
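Review bot: The `"none"` default on the `AuthProvider:` line in New() means a deployment that never sets `AUTH_PROVIDER` serves every route unauthenticated, and nothing records that choice. The value is also stored unvalidated, so `NONE` or a value with stray whitespace silently selects the other branch of the middleware instead of being reported as a configuration error. New() returns no error, so the least invasive fix is to normalise here with `strings.ToLower(strings.TrimSpace(...))`, then check the result against the known provider names at startup and log a warning when auth is disabled. Both the struct and New() begin outside these hunks.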
44 changes: 44 additions & 0 deletions server/auth.go
@@ -0,0 +1,44 @@
package server

import (
"net/http"
"strings"

"github.com/xray-web/web-check-api/config"
)

type User struct {
ID string
Email string
Name string
Roles []string
}

type Auth struct {
conf config.Config
// connection / sdk to auth provider, to trade token for user session token
}

func NewAuth(conf config.Config) *Auth {
// TODO: reduce scope of conf when we know what auth provider we will use
return &Auth{conf: conf}
}

func (a *Auth) Authenticate(h http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if a.conf.AuthProvider == "none" {
h.ServeHTTP(w, r)
return

Check warning on line 31 in server/auth.go


Codecov / codecov/patch

server/auth.go#L29-L31

Added lines #L29 - L31 were not covered by tests
}
authHeader := r.Header.Get("Authorization")

Check warning on line 33 in server/auth.go

View check run for this annotation

Codecov / codecov/patch

server/auth.go#L33

Added line #L33 was not covered by tests
// expect "Bearer token" format
parts := strings.Split(authHeader, " ")
if len(parts) != 2 || parts[0] != "Bearer" {
w.WriteHeader(http.StatusUnauthorized)
return

Check warning on line 38 in server/auth.go


Codecov / codecov/patch

server/auth.go#L35-L38

Added lines #L35 - L38 were not covered by tests
}
// use token to get user ID from auth provider
// TODO: swap token for user session token

})
}
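Review bot: When `AUTH_PROVIDER` is anything but `none`, a request with a well-formed header falls off the end of the handler in Authenticate after the format check: `h.ServeHTTP` is never called and nothing is written, so net/http answers with an empty 200 that reads as success. Until the token exchange behind the TODO exists, that path should refuse explicitly. The format check also accepts `Bearer ` followed by an empty token, compares the scheme case-sensitively although RFC 7235 defines it as case-insensitive, and sends the 401 without the `WWW-Authenticate` challenge that status requires.

```go
		// … unchanged: AuthProvider == "none" pass-through …
		authHeader := r.Header.Get("Authorization")
		parts := strings.Split(authHeader, " ")
		// expect "Bearer <token>"; the scheme is case-insensitive and the token must be non-empty
		if len(parts) != 2 || !strings.EqualFold(parts[0], "Bearer") || parts[1] == "" {
			w.Header().Set("WWW-Authenticate", "Bearer")
			w.WriteHeader(http.StatusUnauthorized)
			return
		}
		// TODO: swap token for user session token
		// No verifier is wired up yet: refuse instead of falling through to an empty 200.
		w.Header().Set("WWW-Authenticate", "Bearer")
		w.WriteHeader(http.StatusUnauthorized)
```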
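--- a/server/middleware.go
+++ b/server/middleware.go
@@ -49,3 +49,10 @@ func HealthCheck() http.Handler {
 json.NewEncoder(w).Encode(Response{Status: "ok"})
 })
 }
+
+func middlewares(h http.Handler, middlewares ...func(http.Handler) http.Handler) http.Handler {
+for _, m := range middlewares {
+h = m(h)
+}
+return h
+}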
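Review bot: `middlewares` has no doc comment, and its wrapping order is easy to misread: the loop applies `h = m(h)` in list order, so the last middleware passed becomes the outermost handler and sees the request first. For a chain that will carry authentication, that order should be written down, for example `// middlewares wraps h with each middleware in turn; the last one listed is outermost and runs first on a request.` The variadic parameter is also named `middlewares`, which shadows the function inside its own body; `mws` would avoid that.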
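--- a/server/server.go
+++ b/server/server.go
@@ -53,7 +53,10 @@ func (s *Server) routes() {
 s.mux.Handle("GET /api/tls", handlers.HandleTLS(s.checks.Tls))
 s.mux.Handle("GET /api/trace-route", handlers.HandleTraceRoute())
 
-s.srv.Handler = s.CORS(s.mux)
+s.srv.Handler = middlewares(s.mux,
+s.CORS,
+NewAuth(s.conf).Authenticate,
+)
 }
 
 func (s *Server) Run() error {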
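Review bot: Authenticate ends up outside CORS in the new `s.srv.Handler` assignment, because `middlewares` wraps in list order and the last entry becomes the outermost handler. Once a real provider is configured, a browser preflight `OPTIONS` request, which carries no `Authorization` header, would get the bare 401 before `s.CORS` runs, and every 401 would go out without CORS headers. That assumes `s.CORS` is what answers preflights and sets those headers, which is not visible here. Listing the chain as `NewAuth(s.conf).Authenticate, s.CORS` keeps CORS outermost. routes() begins above the hunk.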