Browse Source

Add token-based authorization middleware

feature/update-route-registration
Fabian Vowie 3 years ago
parent
commit
c20ef13839
No known key found for this signature in database GPG Key ID: C27317C33B27C410
  1. 19
      auth/authorization.go
  2. 50
      auth/authorization_test.go
  3. 18
      main.go

19
auth/authorization.go

@ -0,0 +1,19 @@
package auth
import "net/http"
type AuthenticationMiddleware struct {
Secret string
}
func (middleware AuthenticationMiddleware) Middleware(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
authToken := r.Header.Get("Authorization")
if authToken == "" || authToken != middleware.Secret {
http.Error(w, "Forbidden", http.StatusForbidden)
} else {
next.ServeHTTP(w, r)
}
})
}

50
auth/authorization_test.go

@ -0,0 +1,50 @@
package auth
import (
"net/http"
"net/http/httptest"
"testing"
"github.com/stretchr/testify/assert"
)
func TestAuthorizationMiddleware(t *testing.T) {
t.Run("AuthorizationMiddleware returns 403 response when authorization header is incorrect", func(t *testing.T) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
})
middleware := AuthenticationMiddleware{
Secret: "foo",
}
middlewareHandler := middleware.Middleware(handler)
request, _ := http.NewRequest("GET", "/", nil)
responseRecorder := httptest.NewRecorder()
middlewareHandler.ServeHTTP(responseRecorder, request)
assert.Equal(t, responseRecorder.Code, 403)
})
t.Run("AuthorizationMiddleware continues when authorization header is correct", func(t *testing.T) {
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusOK)
})
middleware := AuthenticationMiddleware{
Secret: "foo",
}
middlewareHandler := middleware.Middleware(handler)
request, _ := http.NewRequest("GET", "/", nil)
request.Header.Set("Authorization", "foo")
responseRecorder := httptest.NewRecorder()
middlewareHandler.ServeHTTP(responseRecorder, request)
assert.Equal(t, responseRecorder.Code, 200)
})
}

18
main.go

@ -4,9 +4,12 @@ import (
"encoding/json"
"net/http"
"github.com/geplauder/lithium/auth"
"github.com/geplauder/lithium/pipelines"
"github.com/geplauder/lithium/settings"
"github.com/geplauder/lithium/storage"
"github.com/gorilla/mux"
"github.com/spf13/afero"
)
const Name string = "Lithium"
@ -42,13 +45,24 @@ func RegisterPipelineRoutes(r *mux.Router, pipelines []pipelines.IPipeline, stor
}
func main() {
storageProvider := storage.GetFileSystemStorageProvider("test", "")
settings := settings.LoadSettings(afero.NewOsFs())
storageProvider.StoreRaw("abc", "def.test", []byte{0x12, 0x10})
var storageProvider storage.IStorageProvider
if settings.StorageProvider.Type == 0 {
storageProvider = storage.GetFileSystemStorageProvider(settings.StorageProvider.BasePath, "")
} else {
panic("Invalid file system provided!")
}
pipes := pipelines.LoadPipelines()
authMiddleware := auth.AuthenticationMiddleware{
Secret: settings.Token,
}
r := mux.NewRouter()
r.Use(authMiddleware.Middleware)
r.HandleFunc("/", IndexHandler)
RegisterPipelineRoutes(r, pipes, storageProvider)

Loading…
Cancel
Save