PhoneAPIKeyAuth authenticates a user from the X-API-Key header
(logger telemetry.Logger, tracer telemetry.Tracer, repository repositories.PhoneAPIKeyRepository)
| 12 | |
| 13 | // PhoneAPIKeyAuth authenticates a user from the X-API-Key header |
| 14 | func PhoneAPIKeyAuth(logger telemetry.Logger, tracer telemetry.Tracer, repository repositories.PhoneAPIKeyRepository) fiber.Handler { |
| 15 | logger = logger.WithService("middlewares.APIKeyAuth") |
| 16 | |
| 17 | return func(c fiber.Ctx) error { |
| 18 | ctx, span, ctxLogger := tracer.StartFromFiberCtxWithLogger(c, logger, "middlewares.APIKeyAuth") |
| 19 | defer span.End() |
| 20 | |
| 21 | apiKey := c.Get(authHeaderAPIKey) |
| 22 | if len(apiKey) == 0 || apiKey == "undefined" || !strings.HasPrefix(apiKey, "pk_") { |
| 23 | span.AddEvent(fmt.Sprintf("the request header has no [%s] header for the phone key", authHeaderAPIKey)) |
| 24 | return c.Next() |
| 25 | } |
| 26 | |
| 27 | authUser, err := repository.LoadAuthContext(ctx, apiKey) |
| 28 | if err != nil { |
| 29 | ctxLogger.Error(stacktrace.Propagate(err, fmt.Sprintf("cannot load user with phone api key [%s]", apiKey))) |
| 30 | return c.Next() |
| 31 | } |
| 32 | |
| 33 | c.Locals(ContextKeyAuthUserID, authUser) |
| 34 | return c.Next() |
| 35 | } |
| 36 | } |
nothing calls this directly
no test coverage detected