Add token-based authorization middleware

3 years ago · c20ef13839
3 changed files with 85 additions and 2 deletions
--- a/auth/authorization.go
+++ b/auth/authorization.go
@ -0,0 +1,19 @@
 package auth
 import "net/http"
 type AuthenticationMiddleware struct {
 	Secret string
 }
 func (middleware AuthenticationMiddleware) Middleware(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		authToken := r.Header.Get("Authorization")
 		if authToken == "" || authToken != middleware.Secret {
 			http.Error(w, "Forbidden", http.StatusForbidden)
 		} else {
 			next.ServeHTTP(w, r)
 		}
 	})
 }
--- a/auth/authorization_test.go
+++ b/auth/authorization_test.go
@ -0,0 +1,50 @@
 package auth
 import (
 	"net/http"
 	"net/http/httptest"
 	"testing"
 	"github.com/stretchr/testify/assert"
 )
 func TestAuthorizationMiddleware(t *testing.T) {
 	t.Run("AuthorizationMiddleware returns 403 response when authorization header is incorrect", func(t *testing.T) {
 		handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			w.WriteHeader(http.StatusOK)
 		})
 		middleware := AuthenticationMiddleware{
 			Secret: "foo",
 		}
 		middlewareHandler := middleware.Middleware(handler)
 		request, _ := http.NewRequest("GET", "/", nil)
 		responseRecorder := httptest.NewRecorder()
 		middlewareHandler.ServeHTTP(responseRecorder, request)
 		assert.Equal(t, responseRecorder.Code, 403)
 	})
 	t.Run("AuthorizationMiddleware continues when authorization header is correct", func(t *testing.T) {
 		handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 			w.WriteHeader(http.StatusOK)
 		})
 		middleware := AuthenticationMiddleware{
 			Secret: "foo",
 		}
 		middlewareHandler := middleware.Middleware(handler)
 		request, _ := http.NewRequest("GET", "/", nil)
 		request.Header.Set("Authorization", "foo")
 		responseRecorder := httptest.NewRecorder()
 		middlewareHandler.ServeHTTP(responseRecorder, request)
 		assert.Equal(t, responseRecorder.Code, 200)
 	})
 }
--- a/main.go
+++ b/main.go
@ -4,9 +4,12 @@ import (
 	"encoding/json"
 	"net/http"
 	"github.com/geplauder/lithium/auth"
 	"github.com/geplauder/lithium/pipelines"
 	"github.com/geplauder/lithium/settings"
 	"github.com/geplauder/lithium/storage"
 	"github.com/gorilla/mux"
 	"github.com/spf13/afero"
 )
 const Name string = "Lithium"
@ -42,13 +45,24 @@ func RegisterPipelineRoutes(r *mux.Router, pipelines []pipelines.IPipeline, stor
 }
 func main() {
 	storageProvider := storage.GetFileSystemStorageProvider("test", "")
 	settings := settings.LoadSettings(afero.NewOsFs())
 	storageProvider.StoreRaw("abc", "def.test", []byte{0x12, 0x10})
 	var storageProvider storage.IStorageProvider
 	if settings.StorageProvider.Type == 0 {
 		storageProvider = storage.GetFileSystemStorageProvider(settings.StorageProvider.BasePath, "")
 	} else {
 		panic("Invalid file system provided!")
 	}
 	pipes := pipelines.LoadPipelines()
 	authMiddleware := auth.AuthenticationMiddleware{
 		Secret: settings.Token,
 	}
 	r := mux.NewRouter()
 	r.Use(authMiddleware.Middleware)
 	r.HandleFunc("/", IndexHandler)
 	RegisterPipelineRoutes(r, pipes, storageProvider)