chore: fix some validation issues

2026-04-29 15:23:13 +02:00
parent 6669fda371
commit da3dee9ae7
5 changed files with 47 additions and 27 deletions
@@ -4,10 +4,13 @@ import (
 	"log/slog"
 	"net/http"
 	"orbits-server/internal/server/api/assets"
+	"orbits-server/internal/server/service"
+	"orbits-server/internal/shared/security"
 	"strings"
 	"time"

 	"github.com/gin-gonic/gin"
+	"gorm.io/gorm"
 )

 func SlogMiddleware(logger *slog.Logger) gin.HandlerFunc {
@@ -38,7 +41,9 @@ func SlogMiddleware(logger *slog.Logger) gin.HandlerFunc {
 	}
 }

-func AuthMiddleware() gin.HandlerFunc {
+func AuthMiddleware(db *gorm.DB) gin.HandlerFunc {
+	keyService := service.NewKeyService(db)
+
 	return func(c *gin.Context) {
 		authorizationHeader := c.GetHeader("Authorization")
 		if len(authorizationHeader) == 0 {
@@ -58,6 +63,22 @@ func AuthMiddleware() gin.HandlerFunc {
 			return
 		}

-		//givenKey := headerParts[1]
+		candidateKey := headerParts[1]
+		storedKeys, err := keyService.ListValidKeyHashes()
+		if err != nil {
+			slog.Error("failed to retrieve key hashes", "error", err)
+			assets.InternalErrorResponse(c)
+		}
+
+		for _, key := range storedKeys {
+			if match := security.CompareKey(key, candidateKey); match {
+				c.Next()
+				return
+			}
+		}
+
+		c.AbortWithStatusJSON(http.StatusUnauthorized, assets.ResponseObject{
+			Msg: "invalid key",
+		})
 	}
 }