Add APIKey authentication

2023-11-22 20:53:06 -05:00
parent 38c3895459
commit 15f8385005
10 changed files with 179 additions and 26 deletions
--- a/Helpers/ApiKeyAttribute.cs
+++ b/Helpers/ApiKeyAttribute.cs
@@ -0,0 +1,27 @@
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Mvc.Filters;
+
+namespace TodoApi.Helpers;
+
+public class ApiKeyAttribute : ActionFilterAttribute
+{
+    public override void OnActionExecuting(ActionExecutingContext context)
+    {
+        // Get the required service to validate the API key
+        var apiKeyValidator = context.HttpContext.RequestServices.GetRequiredService<IApiKeyValidator>();
+
+        // Get the API key from the X-API-KEY header
+        var apiKey = context.HttpContext.Request.Headers["X-API-KEY"];
+
+        // Validate the API key using the IApiKeyValidator service
+        if (string.IsNullOrEmpty(apiKey) || !apiKeyValidator.Validate(apiKey))
+        {
+            // If the API key is invalid, set the response status code to 401 Unauthorized
+            context.Result = new UnauthorizedResult();
+            return;
+        }
+
+        // If the API key is valid, continue with the action execution
+        base.OnActionExecuting(context);
+    }
+}