From 90c0a346ed822e328d31f6622f0f6df916ea4072 Mon Sep 17 00:00:00 2001 From: Grendgi Date: Wed, 17 Jun 2026 14:26:04 +0300 Subject: [PATCH] chore: use common internal auth --- cmd/server/main.go | 19 ++++--------------- 1 file changed, 4 insertions(+), 15 deletions(-) diff --git a/cmd/server/main.go b/cmd/server/main.go index 09de14a..7f8d5ed 100644 --- a/cmd/server/main.go +++ b/cmd/server/main.go @@ -194,10 +194,11 @@ func (a *app) serveHTTP(w http.ResponseWriter, r *http.Request) { writeError(w, http.StatusNotFound, "not found") return } - if !a.checkInternalAuth(w, r) { - return - } + commonmw.InternalAuth(a.cfg.InternalAPIKey)(http.HandlerFunc(a.serveAPI)).ServeHTTP(w, r) +} +func (a *app) serveAPI(w http.ResponseWriter, r *http.Request) { + path := a.apiPath(r.URL.Path) ctx := r.Context() switch { case r.Method == http.MethodGet && path == "/api/v1/access/me": @@ -233,18 +234,6 @@ func (a *app) serveHTTP(w http.ResponseWriter, r *http.Request) { } } -func (a *app) checkInternalAuth(w http.ResponseWriter, r *http.Request) bool { - want := strings.TrimSpace(a.cfg.InternalAPIKey) - if want == "" { - return true - } - if r.Header.Get("X-Internal-Key") != want { - writeError(w, http.StatusUnauthorized, "unauthorized") - return false - } - return true -} - func (a *app) apiPath(path string) string { base := strings.TrimRight(a.cfg.PublicBasePath, "/") if base != "" && strings.HasPrefix(path, base+"/") {