Add some authorization to log endpoint

This commit is contained in:
Mikołaj Pich 2023-09-18 21:34:29 +02:00
parent 90139f9d80
commit 7607d6a4fc
6 changed files with 55 additions and 4 deletions

1
.env.example Normal file
View file

@ -0,0 +1 @@
TOKEN=

23
.github/workflows/deploy.yml vendored Normal file
View file

@ -0,0 +1,23 @@
name: Deploy to Oracle Cloud
on:
push:
branches: [ master ]
jobs:
deploy:
runs-on: ubuntu-latest
environment: oracle-cloud
steps:
- uses: actions/checkout@v2
- name: Create .env file
uses: SpicyPizza/create-envfile@v1
with:
envkey_TOKEN: ${{ secrets.TOKEN }}
- uses: alex-ac/github-action-ssh-docker-compose@master
name: Docker-Compose Remote Deployment
with:
ssh_host: ${{ secrets.ORACLE_CLOUD_SSH_HOST }}
ssh_private_key: ${{ secrets.ORACLE_CLOUD_SSH_PRIVATE_KEY }}
ssh_user: ${{ secrets.ORACLE_CLOUD_SSH_USER }}
docker_compose_prefix: schools

View file

@ -40,12 +40,14 @@ dependencies {
implementation("io.ktor:ktor-serialization-kotlinx-json-jvm:$ktor_version")
implementation("io.ktor:ktor-server-netty-jvm:$ktor_version")
implementation("ch.qos.logback:logback-classic:$logback_version")
implementation("io.ktor:ktor-server-auth:$ktor_version")
implementation("org.jetbrains.exposed:exposed-core:$exposed_version")
implementation("org.jetbrains.exposed:exposed-dao:$exposed_version")
implementation("org.jetbrains.exposed:exposed-jdbc:$exposed_version")
implementation("org.jetbrains.exposed:exposed-java-time:$exposed_version")
implementation("com.impossibl.pgjdbc-ng:pgjdbc-ng:0.8.9")
implementation("io.ktor:ktor-server-auth-jvm:2.3.4")
testImplementation("io.ktor:ktor-server-tests-jvm")
testImplementation("io.ktor:ktor-server-test-host-jvm")

View file

@ -1,5 +1,6 @@
package io.github.wulkanowy.schools
import io.github.wulkanowy.schools.plugins.configureAuthorization
import io.github.wulkanowy.schools.plugins.configureRouting
import io.github.wulkanowy.schools.plugins.configureSerialization
import io.ktor.server.application.*
@ -14,5 +15,6 @@ fun main() {
fun Application.module() {
DatabaseFactory.init()
configureSerialization()
configureAuthorization()
configureRouting()
}

View file

@ -0,0 +1,20 @@
package io.github.wulkanowy.schools.plugins
import io.ktor.server.application.*
import io.ktor.server.auth.*
fun Application.configureAuthorization() {
authentication {
bearer("auth") {
realm = "Access to the '/log' path"
authenticate { tokenCredential ->
if (tokenCredential.token == System.getenv("TOKEN")) {
UserIdPrincipal("wulkanowy-app-play")
} else {
null
}
}
}
}
}

View file

@ -4,6 +4,7 @@ import io.github.wulkanowy.schools.dao.LoginEventDao
import io.github.wulkanowy.schools.model.LoginEvent
import io.ktor.http.*
import io.ktor.server.application.*
import io.ktor.server.auth.*
import io.ktor.server.request.*
import io.ktor.server.response.*
import io.ktor.server.routing.*
@ -12,11 +13,13 @@ fun Application.configureRouting() {
val loginEventDao = LoginEventDao()
routing {
authenticate("auth") {
post("/log/loginEvent") {
val loginEvent = call.receive<LoginEvent>()
loginEventDao.addLoginEvent(loginEvent)
call.respond(status = HttpStatusCode.NoContent, "")
}
}
get("/") {
call.respond(loginEventDao.allLoginEvents())
}