Merge pull request #119 from modulr-software/feat/api-key-implementation

api key implementation

Author: toasted226

src/source/middleware/auth/core.clj

@@ -57,9 +57,26 @@
             (assoc :bundle-id id)
             (handler))
         (->
-         (res/response {:message "The bundle you are looking for does not exist"})
+         (res/response {:message "The bundle you are looking for does not exist."})
          (res/status 404))))))
 
+(defn wrap-auth-api-key
+  "validates the api key from the Authorization header for unauthenticated 
+  users and attaches the bundle-id to the request"
+  [handler]
+  (fn [request]
+    (let [ds (db.util/conn :master)
+          {:keys [bundle-id user-id]} (validate-request request)
+          existing-bundle (bundles/bundle ds {:where [:and
+                                                      [:= :id bundle-id]
+                                                      [:= :user-id user-id]]})]
+      (if (some? existing-bundle)
+        (-> request
+            (assoc :bundle-id bundle-id)
+            (handler))
+        (-> (res/response {:message "The bundle you are looking for does not exist."})
+            (res/status 404))))))
+
 (comment
   (let [authed-request {:headers {"Authorization"
                                   (str
@@ -115,8 +132,8 @@
                  (:bundle-id))))
     (println "tests passed")
     (db/delete! ds
-             {:tname :bundles
-              :where [:like :name "test-bundle-%"]
-              :ret :*}))
+                {:tname :bundles
+                 :where [:like :name "test-bundle-%"]
+                 :ret :*}))
 
   ())

src/source/middleware/core.clj

@@ -23,7 +23,7 @@
         (assoc :store store)
         (handler))))
 
-(defn wrap-js 
+(defn wrap-js
   "attaches the provided job service to the handler's request"
   [handler js]
   (fn [request]
@@ -39,7 +39,7 @@
   (-> app
       (wrap-store store)))
 
-(defn apply-js 
+(defn apply-js
   "middleware for attaching the job service to the request"
   [app js]
   (-> app
@@ -96,3 +96,7 @@
 (defn apply-bundle [app]
   (-> app
       (auth/wrap-bundle-id)))
+
+(defn apply-api-key [app]
+  (-> app
+      (auth/wrap-auth-api-key)))

src/source/middleware/interface.clj

@@ -11,3 +11,6 @@
 
 (defn apply-bundle [app]
   (mw/apply-bundle app))
+
+(defn apply-api-key [app]
+  (mw/apply-api-key app))

src/source/routes/integration_key.clj

@@ -0,0 +1,16 @@
+(ns source.routes.integration-key
+  (:require [source.middleware.auth.util :as auth.util]
+            [ring.util.response :as res]))
+
+(defn post
+  {:summary "generate an API key for the integration with the given id"
+   :parameters {:path [:map [:id {:title "id"
+                                  :description "integration id"} :int]]}
+   :responses {200 {:body [:map [:key :string]]}
+               401 {:body [:map [:message :string]]}
+               403 {:body [:map [:message :string]]}}}
+
+  [{:keys [user path-params] :as _request}]
+  (let [api-key (auth.util/sign-jwt {:user-id (:id user)
+                                     :bundle-id (:id path-params)})]
+    (res/response {:key api-key})))

src/source/routes/reitit.clj

@@ -40,6 +40,7 @@
             [source.routes.feed-categories :as feed-categories]
             [source.routes.integrations :as integrations]
             [source.routes.integration :as integration]
+            [source.routes.integration-key :as integration-key]
             [source.routes.integration-categories :as integration-categories]
             [source.routes.bundle :as bundle]
             [source.routes.bundle-feeds :as bundle-feeds]
@@ -171,6 +172,7 @@
       ["/:id"
        [""              (route {:get integration/get
                                 :post integration/post})]
+       ["/key"          (route {:post integration-key/post})]
        ["/categories"   (route {:get integration-categories/get
                                 :post integration-categories/post})]]]