storj/pkg/pointerdb/auth/process_api_key.go
Egon Elbre 7a906285e3 Small cleanup at top-level (#336)
* cleanup some top-level packages

* remove unused index.html

* update indirect tags
2018-09-10 07:23:08 -07:00

37 lines
995 B
Go

// Copyright (C) 2018 Storj Labs, Inc.
// See LICENSE for copying information.
package auth
import (
"crypto/subtle"
"flag"
)
var (
apiKey = flag.String("pointer-db.auth.api-key", "", "api key")
)
// Purpose of this is to process an API Key to see if it matches the correct client.
//
// **To use, run in** *examples/auth/main.go*:
// `$ go run main.go --key=yourkey`
//
// Default api key is preset with the mocked headers. This will be changed later.
//
// **Where this is going**:
// We're going to be using macaroons to validate a token and permissions. This is a small step to building in that direction.
// ValidateAPIKey : validates the X-API-Key header to an env/flag input
func ValidateAPIKey(header string) bool {
var expected = []byte(*apiKey)
var actual = []byte(header)
// TODO(kaloyan): I had to comment this to make pointerdb_test.go running successfully
// if len(expected) <= 0 {
// return false
// }
return 1 == subtle.ConstantTimeCompare(expected, actual)
}