Expect bearer prefix in authorization header

2022-08-21 22:48:18 +02:00 · 2022-08-21 22:48:18 +02:00 · d0e52760d9
parent f330279e05
commit d0e52760d9
2 changed files with 6 additions and 2 deletions
--- a/server/config/config.go
+++ b/server/config/config.go
@ -29,8 +29,10 @@ func LoadConfig() *Config {
 		Ip:           os.Getenv("BIND_IP"),
 		AuthUsername: os.Getenv("AUTH_USERNAME"),
 		AuthPassword: os.Getenv("AUTH_PASSWORD"),
-		AuthKey:      os.Getenv("SENSOR_AUTH_KEY"),
+		AuthKey:      os.Getenv("AUTH_KEY"),
 	}

+	// TODO: Crash when any auth* param is empty
+
 	return &config
 }
--- a/server/middleware/auth.go
+++ b/server/middleware/auth.go
@ -22,8 +22,10 @@ func LoginAuthMiddleware(server *app.Server) gin.HandlerFunc {
 }

 func KeyAuthMiddleware(server *app.Server) gin.HandlerFunc {
+	keyWithBearer := "Bearer " + server.Config.AuthKey
+
 	return func(c *gin.Context) {
-		if c.GetHeader("authorization") != server.Config.AuthKey {
+		if c.GetHeader("authorization") != keyWithBearer {
 			c.AbortWithStatus(http.StatusUnauthorized)

 			return