Rosti/node-api
3
0
Fork 0
Code Issues 2 Pull Requests Actions Projects Releases 12 Wiki Activity

Skip auth for metrics

Browse Source
This commit is contained in:
Adam Štrauch 2021-04-20 18:34:53 +02:00
parent b8007500e7
commit e9c46f5d5c
Signed by: cx
GPG Key ID: 018304FFA8988F8D
1 changed files with 12 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
auth.go
View File

@ -7,6 +7,8 @@ import (
"github.com/labstack/echo" "github.com/labstack/echo"
) )
var skipPaths []string = []string{"/metrics"}
var configuredToken string var configuredToken string
func init() { func init() {
@ -17,14 +19,22 @@ func init() {
// TokenMiddleware handles authentication // TokenMiddleware handles authentication
func TokenMiddleware(next echo.HandlerFunc) echo.HandlerFunc { func TokenMiddleware(next echo.HandlerFunc) echo.HandlerFunc {
return func(c echo.Context) error { return func(c echo.Context) error {
// Skip selected paths
var skip bool
for _, path := range skipPaths {
if path == c.Request().URL.Path {
skip = true
}
}
tokenHeader := c.Request().Header.Get("Authorization") tokenHeader := c.Request().Header.Get("Authorization")
token := strings.Replace(tokenHeader, "Token ", "", -1) token := strings.Replace(tokenHeader, "Token ", "", -1)
if token == "" { if token == "" && !skip {
token = c.QueryParam("token") token = c.QueryParam("token")
} }
if token != configuredToken || configuredToken == "" { if (token != configuredToken || configuredToken == "") && !skip {
return c.JSONPretty(403, map[string]string{"message": "access denied"}, " ") return c.JSONPretty(403, map[string]string{"message": "access denied"}, " ")
} }