feat: implement api key authentication

NibiruResearchCenter · May 16, 2024 · f3e5d47 · f3e5d47
1 parent 31721e0
commit f3e5d47
Show file tree

Hide file tree

Showing 4 changed files with 48 additions and 0 deletions.
diff --git a/src/NibiruConnector/Configuration.cs b/src/NibiruConnector/Configuration.cs
@@ -17,6 +17,9 @@ public static class Configuration
     public static readonly string DiscordNotificationChannel = Environment
         .GetEnvironmentVariable("DISCORD_NOTIFICATION_CHANNEL") ?? "";
 
+    public static readonly string ApiKey = Environment
+        .GetEnvironmentVariable("API_KEY") ?? "";
+
     public static readonly string LoggerFileOutput = Environment
         .GetEnvironmentVariable("LOGGER_FILE_OUTPUT") ?? "";
 

diff --git a/src/NibiruConnector/Configurator.cs b/src/NibiruConnector/Configurator.cs
@@ -6,6 +6,7 @@
 using Discord.WebSocket;
 using MassTransit;
 using NibiruConnector.Extensions;
+using NibiruConnector.Middlewares;
 using NibiruConnector.Services;
 using Serilog;
 using Serilog.Events;
@@ -74,6 +75,13 @@ public static IServiceCollection AddLocalTransit(this IServiceCollection service
         return services;
     }
 
+    public static WebApplication UseApiKeyAuthentication(this WebApplication app)
+    {
+        app.UseMiddleware<ApiKeyAuthenticationMiddleware>();
+
+        return app;
+    }
+
     private const string LoggerOutputTemplate = "[{Timestamp:HH:mm:ss} {Level:u3}] {Message:lj}{NewLine}{Exception}";
 
     private static void ConfigureLogger(this ILoggingBuilder loggingBuilder)

diff --git a/src/NibiruConnector/Middlewares/ApiKeyAuthenticationMiddleware.cs b/src/NibiruConnector/Middlewares/ApiKeyAuthenticationMiddleware.cs
@@ -0,0 +1,35 @@
+namespace NibiruConnector.Middlewares;
+
+public class ApiKeyAuthenticationMiddleware
+{
+    private readonly RequestDelegate _next;
+
+    public ApiKeyAuthenticationMiddleware(RequestDelegate next)
+    {
+        _next = next;
+    }
+
+    public async Task InvokeAsync(HttpContext context)
+    {
+        if (string.IsNullOrEmpty(Configuration.ApiKey))
+        {
+            await _next(context);
+            return;
+        }
+
+        context.Request.Headers.TryGetValue("ApiKey", out var apiKey);
+        if (apiKey.Count != 1)
+        {
+            context.Response.StatusCode = StatusCodes.Status401Unauthorized;
+            return;
+        }
+
+        if (apiKey[0] != Configuration.ApiKey)
+        {
+            context.Response.StatusCode = StatusCodes.Status401Unauthorized;
+            return;
+        }
+
+        await _next(context);
+    }
+}
diff --git a/src/NibiruConnector/Program.cs b/src/NibiruConnector/Program.cs
@@ -10,6 +10,8 @@
 
 var app = builder.Build();
 
+app.UseApiKeyAuthentication();
+
 app.MapControllers();
 
 await app.RunAsync();