email reward

internal/middleware/adminsecretcheck_middleware.go

@@ -0,0 +1,33 @@
+package middleware
+
+import (
+	"errors"
+	"net/http"
+	"nova_task/internal/model"
+)
+
+type AdminSecretCheckMiddleware struct {
+	conf model.NhSystemConfigModel
+}
+
+func NewAdminSecretCheckMiddleware(conf model.NhSystemConfigModel) *AdminSecretCheckMiddleware {
+	return &AdminSecretCheckMiddleware{conf: conf}
+}
+
+func (m *AdminSecretCheckMiddleware) Handle(next http.HandlerFunc) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		if key, err := m.conf.GetAdminSecret(r.Context()); err != nil {
+			if !errors.Is(err, model.ErrNotFound) {
+				http.Error(w, "system error", http.StatusInternalServerError)
+				return
+			}
+		} else {
+			apiKey := r.Header.Get("x-admin-secret")
+			if apiKey != key {
+				http.Error(w, "Invalid API key", http.StatusUnauthorized)
+				return
+			}
+		}
+		next(w, r)
+	}
+}

internal/middleware/apikeycheck_middleware.go

@@ -0,0 +1,34 @@
+package middleware
+
+import (
+	"errors"
+	"net/http"
+	"nova_task/internal/model"
+)
+
+type ApiKeyCheckMiddleware struct {
+	conf model.NhSystemConfigModel
+}
+
+func NewApiKeyCheckMiddleware(conf model.NhSystemConfigModel) *ApiKeyCheckMiddleware {
+	return &ApiKeyCheckMiddleware{conf: conf}
+}
+
+func (m *ApiKeyCheckMiddleware) Handle(next http.HandlerFunc) http.HandlerFunc {
+	return func(w http.ResponseWriter, r *http.Request) {
+		if key, err := m.conf.GetCarvApiKey(r.Context()); err != nil {
+			if !errors.Is(err, model.ErrNotFound) {
+				http.Error(w, "system error", http.StatusInternalServerError)
+				return
+			}
+		} else {
+			apiKey := r.Header.Get("x-api-key")
+			if apiKey != key {
+				http.Error(w, "Invalid API key", http.StatusUnauthorized)
+				return
+			}
+		}
+
+		next(w, r)
+	}
+}