backend/internal/middleware/api_key_auth.go

package middleware

import (
	"github.com/gin-gonic/gin"
	"github.com/pocket-id/pocket-id/backend/internal/common"
	"github.com/pocket-id/pocket-id/backend/internal/service"
)

type ApiKeyAuthMiddleware struct {
	apiKeyService *service.ApiKeyService
	jwtService    *service.JwtService
}

func NewApiKeyAuthMiddleware(apiKeyService *service.ApiKeyService, jwtService *service.JwtService) *ApiKeyAuthMiddleware {
	return &ApiKeyAuthMiddleware{
		apiKeyService: apiKeyService,
		jwtService:    jwtService,
	}
}

func (m *ApiKeyAuthMiddleware) Add(adminRequired bool) gin.HandlerFunc {
	return func(c *gin.Context) {
		userID, isAdmin, err := m.Verify(c, adminRequired)
		if err != nil {
			c.Abort()
			_ = c.Error(err)
			return
		}

		c.Set("userID", userID)
		c.Set("userIsAdmin", isAdmin)
		c.Next()
	}
}

func (m *ApiKeyAuthMiddleware) Verify(c *gin.Context, adminRequired bool) (userID string, isAdmin bool, err error) {
	apiKey := c.GetHeader("X-API-KEY")

	user, err := m.apiKeyService.ValidateApiKey(c.Request.Context(), apiKey)
	if err != nil {
		return "", false, &common.NotSignedInError{}
	}

	if user.Disabled {
		return "", false, &common.UserDisabledError{}
	}

	if adminRequired && !user.IsAdmin {
		return "", false, &common.MissingPermissionError{}
	}

	return user.ID, user.IsAdmin, nil
}
feat: api key authentication (#291) Co-authored-by: Elias Schneider <login@eliasschneider.com> 2025-03-11 14:16:42 -05:00			`package middleware`

			`import (`
			`"github.com/gin-gonic/gin"`
			`"github.com/pocket-id/pocket-id/backend/internal/common"`
			`"github.com/pocket-id/pocket-id/backend/internal/service"`
			`)`

			`type ApiKeyAuthMiddleware struct {`
			`apiKeyService *service.ApiKeyService`
			`jwtService *service.JwtService`
			`}`

			`func NewApiKeyAuthMiddleware(apiKeyService service.ApiKeyService, jwtService service.JwtService) *ApiKeyAuthMiddleware {`
			`return &ApiKeyAuthMiddleware{`
			`apiKeyService: apiKeyService,`
			`jwtService: jwtService,`
			`}`
			`}`

			`func (m *ApiKeyAuthMiddleware) Add(adminRequired bool) gin.HandlerFunc {`
			`return func(c *gin.Context) {`
			`userID, isAdmin, err := m.Verify(c, adminRequired)`
			`if err != nil {`
			`c.Abort()`
refactor: fix code smells 2025-03-27 16:48:36 +01:00			`_ = c.Error(err)`
feat: api key authentication (#291) Co-authored-by: Elias Schneider <login@eliasschneider.com> 2025-03-11 14:16:42 -05:00			`return`
			`}`

			`c.Set("userID", userID)`
			`c.Set("userIsAdmin", isAdmin)`
			`c.Next()`
			`}`
			`}`

			`func (m ApiKeyAuthMiddleware) Verify(c gin.Context, adminRequired bool) (userID string, isAdmin bool, err error) {`
			`apiKey := c.GetHeader("X-API-KEY")`

fix: use transactions when operations involve multiple database queries (#392) Co-authored-by: Kyle Mendell <kmendell@ofkm.us> 2025-04-06 06:04:08 -07:00			`user, err := m.apiKeyService.ValidateApiKey(c.Request.Context(), apiKey)`
feat: api key authentication (#291) Co-authored-by: Elias Schneider <login@eliasschneider.com> 2025-03-11 14:16:42 -05:00			`if err != nil {`
			`return "", false, &common.NotSignedInError{}`
			`}`

feat: disable/enable users (#437) Co-authored-by: Elias Schneider <login@eliasschneider.com> 2025-04-18 10:38:50 -05:00			`if user.Disabled {`
			`return "", false, &common.UserDisabledError{}`
			`}`

feat: api key authentication (#291) Co-authored-by: Elias Schneider <login@eliasschneider.com> 2025-03-11 14:16:42 -05:00			`if adminRequired && !user.IsAdmin {`
			`return "", false, &common.MissingPermissionError{}`
			`}`

			`return user.ID, user.IsAdmin, nil`
			`}`