CubeCraft-Creations/remote-rig
11
0
Fork 0
generated from CubeCraft-Creations/Tracehound
Code Issues 9 Pull Requests 1 Actions Packages Projects Releases 1 Wiki Activity

CUB-184: API key auth middleware

Browse Source
This commit is contained in:
Joshua
2026-05-18 17:45:25 -04:00
parent e55dae340b
commit c0b2b4cf57
1 changed files with 33 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/auth/middleware.go
+33
View File
@@ -0,0 +1,33 @@
// Package auth provides API key authentication middleware.
package auth
import (
"net/http"
"strings"
)
// Middleware returns a Chi middleware that validates the X-API-Key header.
func Middleware(apiKey string) func(http.Handler) http.Handler {
return func(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
header := r.Header.Get("X-API-Key")
if apiKey == "" {
// No API key configured — allow all requests (kiosk mode)
next.ServeHTTP(w, r)
return
}
if header == "" || header != apiKey {
w.Header().Set("Content-Type", "application/json")
w.WriteHeader(http.StatusUnauthorized)
w.Write([]byte(`{"error":"unauthorized"}`))
return
}
next.ServeHTTP(w, r)
})
}
}
// ExtractKey reads and returns the API key from the request, or empty string.
func ExtractKey(r *http.Request) string {
return r.Header.Get("X-API-Key")
}