33 lines
738 B
Go
33 lines
738 B
Go
package middleware
|
|
|
|
import (
|
|
"encoding/json"
|
|
"net/http"
|
|
|
|
"github.com/jmoiron/sqlx"
|
|
|
|
"emly-api-go/internal/config"
|
|
)
|
|
|
|
func APIKeyAuth(_ *sqlx.DB) func(http.Handler) http.Handler {
|
|
cfg := config.Load()
|
|
|
|
allowed := make(map[string]struct{}, len(cfg.APIKeys))
|
|
for _, k := range cfg.APIKeys {
|
|
allowed[k] = struct{}{}
|
|
}
|
|
|
|
return func(next http.Handler) http.Handler {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
key := r.Header.Get("X-API-Key")
|
|
if _, ok := allowed[key]; !ok {
|
|
w.Header().Set("Content-Type", "application/json")
|
|
w.WriteHeader(http.StatusUnauthorized)
|
|
json.NewEncoder(w).Encode(map[string]string{"error": "unauthorized"})
|
|
return
|
|
}
|
|
next.ServeHTTP(w, r)
|
|
})
|
|
}
|
|
}
|