Create Api Key added

2026-01-11 23:08:03 +01:00
parent a64b10175e
commit 03ef8342e3
11 changed files with 461 additions and 83 deletions
--- a/backend/main.go
+++ b/backend/main.go
@ -38,6 +38,27 @@ func SeedAdmin(db *sqlx.DB) error {
 	return nil
 }

+func NodeAuthMiddleware(repo *repositories.NodeRepository) gin.HandlerFunc {
+	return func(c *gin.Context) {
+		key := c.GetHeader("X-Node-API-Key")
+
+		if key == "" {
+			c.JSON(http.StatusUnauthorized, gin.H{"error": "Clé API manquante"})
+			c.Abort()
+			return
+		}
+
+		isValid, err := repo.IsApiKeyValid(key)
+		if err != nil || !isValid {
+			c.JSON(http.StatusUnauthorized, gin.H{"error": "Clé API invalide"})
+			c.Abort()
+			return
+		}
+
+		c.Next()
+	}
+}
+
 func AuthRequired(c *gin.Context) {
 	session := sessions.Default(c)
 	userID := session.Get("user_id")
@ -92,15 +113,23 @@ func main() {
 	{
 		api.POST("/login", nodeHandler.LoginHandler)

-		api.POST("/register", nodeHandler.HandleRegisterNode)
-		api.POST("/registerService", nodeHandler.HandleRegisterService)
-		api.POST("/updateServiceStatus", nodeHandler.HandleUpdateServiceStatus)
-
 		protected := api.Group("/")
 		protected.Use(AuthRequired)
 		{
 			protected.DELETE("/deleteService", nodeHandler.HandleDeleteService)
+
+			protected.POST("/createApiKey", nodeHandler.CreateApiKeyHandler)
+
 			protected.GET("/retrieveNodeList", nodeHandler.HandleRetrieveNodeList)
+			protected.GET("/retrieveApiKeys", nodeHandler.HandleRetrieveApiKeys)
+		}
+
+		nodes := api.Group("/")
+		nodes.Use(NodeAuthMiddleware(nodeRepo))
+		{
+			nodes.POST("/register", nodeHandler.HandleRegisterNode)
+			nodes.POST("/registerService", nodeHandler.HandleRegisterService)
+			nodes.POST("/updateServiceStatus", nodeHandler.HandleUpdateServiceStatus)
 		}
 	}