Slide 40
Slide 40 text
apiKey
: =
c.GetHeader("api
-
key")
if apiKey
= =
"" {
apiKey = strings.TrimPref
i
x(c.GetHeader("Authorization"), "Bearer ")
}
if apiKey
= =
"" {
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": gin.H{
"code": strconv.Itoa(http.StatusUnauthorized),
"message": "missing authorization header or api key",
}})
return
}
claims, err
: =
oauth.ParseToken(apiKey)
if err
! =
nil {
c.AbortWithStatusJSON(http.StatusUnauthorized, gin.H{"error": gin.H{
"code": strconv.Itoa(http.StatusUnauthorized),
"message": err.Error(),
}})
return
}
/ /
Set the X-User-Id header to the account id from the JWT claims.
c.Request.Header.Set("X-User-Id", claims.Account)
/ /
Set the api
-
key header to the api key from the specif
i
c API key.
c.Request.Header.Set("api
-
key", cfg.API.Key)