ExtractAPIKeyMW calls ExtractAPIKey with the given config on each request, storing the result in the request context.
(cfg ExtractAPIKeyConfig)
| 174 | // ExtractAPIKeyMW calls ExtractAPIKey with the given config on each request, |
| 175 | // storing the result in the request context. |
| 176 | func ExtractAPIKeyMW(cfg ExtractAPIKeyConfig) func(http.Handler) http.Handler { |
| 177 | return func(next http.Handler) http.Handler { |
| 178 | return http.HandlerFunc(func(rw http.ResponseWriter, r *http.Request) { |
| 179 | keyPtr, authzPtr, ok := ExtractAPIKey(rw, r, cfg) |
| 180 | if !ok { |
| 181 | return |
| 182 | } |
| 183 | |
| 184 | if keyPtr == nil || authzPtr == nil { |
| 185 | // Auth was optional and not provided. |
| 186 | next.ServeHTTP(rw, r) |
| 187 | return |
| 188 | } |
| 189 | key, authz := *keyPtr, *authzPtr |
| 190 | |
| 191 | // Actor is the user's authorization context. |
| 192 | ctx := r.Context() |
| 193 | ctx = context.WithValue(ctx, apiKeyContextKey{}, key) |
| 194 | // Set the auth context for the user. |
| 195 | ctx = dbauthz.As(ctx, authz) |
| 196 | |
| 197 | next.ServeHTTP(rw, r.WithContext(ctx)) |
| 198 | }) |
| 199 | } |
| 200 | } |
| 201 | |
| 202 | // PrecheckAPIKey extracts and fully validates the API key on every |
| 203 | // request (if present) and stores the result in context. It never |