From ccd56165c74fa31bf256dabd3c80bb62da64bfd4 Mon Sep 17 00:00:00 2001 From: Grendgi Date: Wed, 17 Jun 2026 14:26:04 +0300 Subject: [PATCH] chore: use common internal auth --- internal/pf/http.go | 22 ++++++++-------------- 1 file changed, 8 insertions(+), 14 deletions(-) diff --git a/internal/pf/http.go b/internal/pf/http.go index 9f6ae4c..17f946f 100644 --- a/internal/pf/http.go +++ b/internal/pf/http.go @@ -32,8 +32,14 @@ func (s Server) ServeHTTP(w http.ResponseWriter, r *http.Request) { writeJSON(w, http.StatusOK, map[string]string{"service": "monitoring-pf", "ui": "portal", "api": "go"}) case !strings.HasPrefix(path, "/api/v1"): writeError(w, http.StatusNotFound, "not found") - case !s.checkInternalAuth(w, r): - return + default: + commonmw.InternalAuth(s.App.Cfg.InternalAPIKey)(http.HandlerFunc(s.serveAPI)).ServeHTTP(w, r) + } +} + +func (s Server) serveAPI(w http.ResponseWriter, r *http.Request) { + path := s.apiPath(r.URL.Path) + switch { case path == "/api/v1/access/me" && r.Method == http.MethodGet: s.accessMe(w, r) case path == "/api/v1/summary" && r.Method == http.MethodGet: @@ -55,18 +61,6 @@ func (s Server) ServeHTTP(w http.ResponseWriter, r *http.Request) { } } -func (s Server) checkInternalAuth(w http.ResponseWriter, r *http.Request) bool { - want := strings.TrimSpace(s.App.Cfg.InternalAPIKey) - if want == "" { - return true - } - if r.Header.Get("X-Internal-Key") != want { - writeError(w, http.StatusUnauthorized, "unauthorized") - return false - } - return true -} - func (s Server) apiPath(path string) string { base := s.App.Cfg.PublicBasePath if base != "" && path == base {