feat: add simple optional api key management for protect routes in --serve mode

2026-02-13 15:34:59 -05:00 · 2025-04-01 00:51:56 +02:00
parent 8d02f5b21d
commit 15a2eeadc9
4 changed files with 28 additions and 2 deletions
--- a/restapi/auth.go
+++ b/restapi/auth.go
@@ -0,0 +1,21 @@
+package restapi
+
+import (
+	"net/http"
+	"fmt"
+
+	"github.com/gin-gonic/gin"
+)
+
+func ApiKeyMiddleware(apiKey string) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		headerApiKey := c.GetHeader("X-API-Key")
+
+		if headerApiKey != apiKey {
+        	c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": fmt.Sprintf("Wrong or missing API Key")})
+			return
+		}
+
+		c.Next()
+	}
+}
--- a/restapi/serve.go
+++ b/restapi/serve.go
@@ -5,13 +5,17 @@ import (
 	"github.com/gin-gonic/gin"
 )

-func Serve(registry *core.PluginRegistry, address string) (err error) {
+func Serve(registry *core.PluginRegistry, address string, apiKey string) (err error) {
 	r := gin.New()

 	// Middleware
 	r.Use(gin.Logger())
 	r.Use(gin.Recovery())

+	if apiKey != "" {
+	    r.Use(ApiKeyMiddleware(apiKey))
+	}
+
 	// Register routes
 	fabricDb := registry.Db
 	NewPatternsHandler(r, fabricDb.Patterns)