diff --git a/auth/authorization.go b/auth/authorization.go
new file mode 100644
index 0000000..5048228
--- /dev/null
+++ b/auth/authorization.go
@@ -0,0 +1,28 @@
+package auth
+
+import (
+ "net/http"
+ "strings"
+)
+
+type AuthenticationMiddleware struct {
+ secret string
+}
+
+func (middleware AuthenticationMiddleware) Middleware(next http.Handler) http.Handler {
+ return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+ authToken := r.Header.Get("Authorization")
+
+ if authToken == "" || strings.HasPrefix(authToken, "Bearer ") == false || authToken[7:] != middleware.secret {
+ http.Error(w, "Forbidden", http.StatusForbidden)
+ } else {
+ next.ServeHTTP(w, r)
+ }
+ })
+}
+
+func CreateAuthenticationMiddleware(secret string) AuthenticationMiddleware {
+ return AuthenticationMiddleware{
+ secret: secret,
+ }
+}
diff --git a/auth/authorization_test.go b/auth/authorization_test.go
new file mode 100644
index 0000000..139f416
--- /dev/null
+++ b/auth/authorization_test.go
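Review bot: The token check in `Middleware` uses `authToken[7:] != middleware.secret`, an ordinary string comparison that stops at the first differing byte, so response timing can reveal how much of a presented token matched. Replacing that operand with `subtle.ConstantTimeCompare([]byte(authToken[7:]), []byte(middleware.secret)) != 1` (and importing `crypto/subtle`) removes the dependence on content. `CreateAuthenticationMiddleware` also accepts an empty secret, and the call site in main.go passes `settings.Token` unchecked, so an unset token in the settings is not caught at startup; rejecting `secret == ""` in the constructor would make that misconfiguration fail loudly. A missing or malformed header is conventionally answered with 401 and a `WWW-Authenticate: Bearer` challenge, with 403 kept for authenticated callers that lack permission.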
@@ -0,0 +1,40 @@
+package auth
+
+import (
+ "net/http"
+ "net/http/httptest"
+ "testing"
+
+ "github.com/bxcodec/faker/v3"
+ "github.com/stretchr/testify/assert"
+)
+
+func TestAuthorizationMiddleware(t *testing.T) {
+ token := faker.Word()
+ middleware := CreateAuthenticationMiddleware(token)
+
+ handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+ w.WriteHeader(http.StatusOK)
+ })
+
+ middlewareHandler := middleware.Middleware(handler)
+
+ t.Run("AuthorizationMiddleware returns 403 response when authorization header is incorrect", func(t *testing.T) {
+ request, _ := http.NewRequest("GET", "/", nil)
+ responseRecorder := httptest.NewRecorder()
+
+ middlewareHandler.ServeHTTP(responseRecorder, request)
+
+ assert.Equal(t, 403, responseRecorder.Code)
+ })
+
+ t.Run("AuthorizationMiddleware continues when authorization header is correct", func(t *testing.T) {
+ request, _ := http.NewRequest("GET", "/", nil)
+ request.Header.Set("Authorization", "Bearer "+token)
+ responseRecorder := httptest.NewRecorder()
+
+ middlewareHandler.ServeHTTP(responseRecorder, request)
+
+ assert.Equal(t, 200, responseRecorder.Code)
+ })
+}
diff --git a/main.go b/main.go
index 31c02ff..75f25e8 100644
--- a/main.go
+++ b/main.go
@@ -4,9 +4,12 @@ import ( "encoding/json" "net/http" + "github.com/geplauder/lithium/auth" "github.com/geplauder/lithium/pipelines" + "github.com/geplauder/lithium/settings" "github.com/geplauder/lithium/storage" "github.com/gorilla/mux" + "github.com/spf13/afero" ) const Name string = "Lithium"
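Review bot: Neither subtest in `TestAuthorizationMiddleware` sends a wrong credential: the first one, although named for an incorrect header, sends no `Authorization` header at all, so the `authToken[7:] != middleware.secret` branch is never exercised with a mismatching value. A further subtest that sets `request.Header.Set("Authorization", "Bearer "+token+"x")` and asserts 403, plus one using a non-Bearer scheme, would pin the rejection paths that matter for an authentication check. The error from `http.NewRequest` is discarded with `_`; `httptest.NewRequest("GET", "/", nil)` builds the request without an error to ignore.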
@@ -42,13 +45,22 @@ func RegisterPipelineRoutes(r *mux.Router, pipelines []pipelines.IPipeline, stor } func main() { - storageProvider := storage.GetFileSystemStorageProvider("test", "") + settings := settings.LoadSettings(afero.NewOsFs()) - storageProvider.StoreRaw("abc", "def.test", []byte{0x12, 0x10}) + var storageProvider storage.IStorageProvider + + if settings.StorageProvider.Type == 0 { + storageProvider = storage.GetFileSystemStorageProvider(settings.StorageProvider.BasePath, "") + } else { + panic("Invalid file system provided!") + } pipes := pipelines.LoadPipelines() + authMiddleware := auth.CreateAuthenticationMiddleware(settings.Token) + r := mux.NewRouter() + r.Use(authMiddleware.Middleware) r.HandleFunc("/", IndexHandler) RegisterPipelineRoutes(r, pipes, storageProvider)
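Review bot: In `main`, `settings := settings.LoadSettings(afero.NewOsFs())` shadows the imported `settings` package for the rest of the function, so the package can no longer be referenced there; a local name such as `cfg` avoids this. The provider check `settings.StorageProvider.Type == 0` relies on a bare literal, and the panic text says "file system" although the value tested is the storage provider type; a named constant for the type (if the settings package defines one) and a message that includes the offending value would make a bad configuration easier to diagnose. `main` continues past the end of the hunk.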