diff --git a/api/http.go b/api/http.go index c0075655a..1bf9ad585 100644 --- a/api/http.go +++ b/api/http.go @@ -12,7 +12,7 @@ import ( "github.com/livepeer/catalyst-api/middleware" ) -func ListenAndServe(apiPort, mistPort, mistHttpPort int) error { +func ListenAndServe(apiPort, mistPort, mistHttpPort int, apiToken string) error { mc := &clients.MistClient{ ApiUrl: fmt.Sprintf("http://localhost:%d/api2", mistPort), HttpReqUrl: fmt.Sprintf("http://localhost:%d", mistHttpPort), @@ -20,7 +20,7 @@ func ListenAndServe(apiPort, mistPort, mistHttpPort int) error { } listen := fmt.Sprintf("0.0.0.0:%d", apiPort) - router := NewCatalystAPIRouter(mc) + router := NewCatalystAPIRouter(mc, apiToken) _ = config.Logger.Log( "msg", "Starting Catalyst API", @@ -30,7 +30,7 @@ func ListenAndServe(apiPort, mistPort, mistHttpPort int) error { return http.ListenAndServe(listen, router) } -func NewCatalystAPIRouter(mc *clients.MistClient) *httprouter.Router { +func NewCatalystAPIRouter(mc *clients.MistClient, apiToken string) *httprouter.Router { router := httprouter.New() withLogging := middleware.LogRequest() withAuth := middleware.IsAuthorized @@ -42,8 +42,8 @@ func NewCatalystAPIRouter(mc *clients.MistClient) *httprouter.Router { router.GET("/ok", withLogging(catalystApiHandlers.Ok())) // Public Catalyst API - router.POST("/api/vod", withLogging(withAuth(catalystApiHandlers.UploadVOD()))) - router.POST("/api/transcode/file", withLogging(withAuth(catalystApiHandlers.TranscodeSegment()))) + router.POST("/api/vod", withLogging(withAuth(apiToken, catalystApiHandlers.UploadVOD()))) + router.POST("/api/transcode/file", withLogging(withAuth(apiToken, catalystApiHandlers.TranscodeSegment()))) // Endpoint to receive "Triggers" (callbacks) from Mist router.POST("/api/mist/trigger", withLogging(mistCallbackHandlers.Trigger())) diff --git a/api/http_test.go b/api/http_test.go index 1729e0517..56302ad4b 100644 --- a/api/http_test.go +++ b/api/http_test.go @@ -8,7 +8,7 @@ import ( func TestInitServer(t *testing.T) { require := require.New(t) - router := NewCatalystAPIRouter(nil) + router := NewCatalystAPIRouter(nil, "IAmAuthorized") handle, _, _ := router.Lookup("GET", "/ok") require.NotNil(handle) diff --git a/main.go b/main.go index 05751fa78..47fae38b4 100644 --- a/main.go +++ b/main.go @@ -13,6 +13,7 @@ func main() { port := flag.Int("port", 4949, "Port to listen on") mistPort := flag.Int("mist-port", 4242, "Port to listen on") mistHttpPort := flag.Int("mist-http-port", 8080, "Port to listen on") + apiToken := flag.String("api-token", "IAmAuthorized", "Auth header value for API access") flag.StringVar(&config.RecordingCallback, "recording", "http://recording.livepeer.com/recording/status", "Callback URL for recording start&stop events") mistJson := flag.Bool("j", false, "Print application info as JSON. Used by Mist to present flags in its UI.") flag.Parse() @@ -22,7 +23,7 @@ func main() { return } - if err := api.ListenAndServe(*port, *mistPort, *mistHttpPort); err != nil { + if err := api.ListenAndServe(*port, *mistPort, *mistHttpPort, *apiToken); err != nil { log.Fatal(err) } } diff --git a/middleware/auth.go b/middleware/auth.go index 856f1b52e..3f218c214 100644 --- a/middleware/auth.go +++ b/middleware/auth.go @@ -8,9 +8,7 @@ import ( "github.com/livepeer/catalyst-api/errors" ) -var testToken = "IAmAuthorized" - -func IsAuthorized(next httprouter.Handle) httprouter.Handle { +func IsAuthorized(apiToken string, next httprouter.Handle) httprouter.Handle { return func(w http.ResponseWriter, r *http.Request, ps httprouter.Params) { authHeader := r.Header.Get("Authorization") @@ -21,7 +19,7 @@ func IsAuthorized(next httprouter.Handle) httprouter.Handle { token := strings.TrimPrefix(authHeader, "Bearer ") - if token != testToken { + if token != apiToken { errors.WriteHTTPUnauthorized(w, "Invalid Token", nil) return } diff --git a/middleware/middleware_test.go b/middleware/middleware_test.go index dd85bc06f..93c9e5aa5 100644 --- a/middleware/middleware_test.go +++ b/middleware/middleware_test.go @@ -17,7 +17,7 @@ func TestNoAuthHeader(t *testing.T) { req, _ := http.NewRequest("GET", "/ok", nil) rr := httptest.NewRecorder() catalystApiHandlers := handlers.CatalystAPIHandlersCollection{} - router.GET("/ok", IsAuthorized(catalystApiHandlers.Ok())) + router.GET("/ok", IsAuthorized("IAmAuthorized", catalystApiHandlers.Ok())) router.ServeHTTP(rr, req) require.Equal(rr.Code, 401, "should return 401") @@ -33,7 +33,7 @@ func TestWrongKey(t *testing.T) { rr := httptest.NewRecorder() catalystApiHandlers := handlers.CatalystAPIHandlersCollection{} - router.GET("/ok", IsAuthorized(catalystApiHandlers.Ok())) + router.GET("/ok", IsAuthorized("IAmAuthorized", catalystApiHandlers.Ok())) router.ServeHTTP(rr, req) require.Equal(rr.Code, 401, "should return 401")