56 lines
1.1 KiB
Go
56 lines
1.1 KiB
Go
package api
|
|
|
|
import (
|
|
"crypto/sha256"
|
|
"crypto/subtle"
|
|
"regexp"
|
|
"strings"
|
|
|
|
"github.com/gofiber/fiber/v2"
|
|
"github.com/gofiber/fiber/v2/middleware/keyauth"
|
|
)
|
|
|
|
var (
|
|
apiKey = "willbechanged"
|
|
protectedURLs = []*regexp.Regexp{
|
|
regexp.MustCompile("^/api$"),
|
|
}
|
|
errForbidden = &fiber.Error{
|
|
Code: 403,
|
|
Message: "API Key is missing or invalid",
|
|
}
|
|
)
|
|
|
|
func apiKeyValidator(apiKey string) func(*fiber.Ctx, string) (bool, error) {
|
|
return func(_ *fiber.Ctx, key string) (bool, error) {
|
|
hashedAPIKey := sha256.Sum256([]byte(apiKey))
|
|
hashedKey := sha256.Sum256([]byte(key))
|
|
|
|
if subtle.ConstantTimeCompare(hashedAPIKey[:], hashedKey[:]) == 1 {
|
|
return true, nil
|
|
}
|
|
|
|
return false, keyauth.ErrMissingOrMalformedAPIKey
|
|
}
|
|
}
|
|
|
|
func protectedRoutesFilter(ctx *fiber.Ctx) bool {
|
|
originalURL := strings.ToLower(ctx.OriginalURL())
|
|
|
|
for _, pattern := range protectedURLs {
|
|
if pattern.MatchString(originalURL) {
|
|
return false
|
|
}
|
|
}
|
|
return true
|
|
}
|
|
|
|
func successHandler(ctx *fiber.Ctx) error {
|
|
return ctx.Next()
|
|
}
|
|
|
|
func errHandler(ctx *fiber.Ctx, err error) error {
|
|
ctx.Status(fiber.StatusForbidden)
|
|
|
|
return ctx.JSON(errForbidden)
|
|
}
|