2023-04-02 14:19:51 +00:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
2023-05-26 08:33:55 +00:00
|
|
|
"bufio"
|
2023-04-02 14:19:51 +00:00
|
|
|
"os"
|
2023-06-17 03:37:39 +00:00
|
|
|
"strings"
|
2023-04-02 14:19:51 +00:00
|
|
|
|
|
|
|
gin "github.com/gin-gonic/gin"
|
|
|
|
)
|
|
|
|
|
|
|
|
var ADMIN_PASSWORD string
|
2023-05-26 08:33:55 +00:00
|
|
|
var API_KEYS map[string]bool
|
2023-04-02 14:19:51 +00:00
|
|
|
|
|
|
|
func init() {
|
|
|
|
ADMIN_PASSWORD = os.Getenv("ADMIN_PASSWORD")
|
|
|
|
if ADMIN_PASSWORD == "" {
|
|
|
|
ADMIN_PASSWORD = "TotallySecurePassword"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-04-05 10:07:07 +00:00
|
|
|
func adminCheck(c *gin.Context) {
|
2023-04-02 14:19:51 +00:00
|
|
|
password := c.Request.Header.Get("Authorization")
|
|
|
|
if password != ADMIN_PASSWORD {
|
|
|
|
c.String(401, "Unauthorized")
|
|
|
|
c.Abort()
|
|
|
|
return
|
|
|
|
}
|
|
|
|
c.Next()
|
|
|
|
}
|
2023-04-05 10:07:07 +00:00
|
|
|
|
|
|
|
func cors(c *gin.Context) {
|
|
|
|
c.Header("Access-Control-Allow-Origin", "*")
|
|
|
|
c.Header("Access-Control-Allow-Methods", "*")
|
|
|
|
c.Header("Access-Control-Allow-Headers", "*")
|
|
|
|
c.Next()
|
|
|
|
}
|
2023-05-24 15:19:54 +00:00
|
|
|
|
|
|
|
func Authorization(c *gin.Context) {
|
2023-05-26 08:33:55 +00:00
|
|
|
if API_KEYS == nil {
|
|
|
|
API_KEYS = make(map[string]bool)
|
|
|
|
if _, err := os.Stat("api_keys.txt"); err == nil {
|
|
|
|
file, _ := os.Open("api_keys.txt")
|
|
|
|
defer file.Close()
|
|
|
|
scanner := bufio.NewScanner(file)
|
|
|
|
for scanner.Scan() {
|
|
|
|
key := scanner.Text()
|
|
|
|
if key != "" {
|
|
|
|
API_KEYS["Bearer "+key] = true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2023-05-28 12:12:52 +00:00
|
|
|
if len(API_KEYS) != 0 && !API_KEYS[c.Request.Header.Get("Authorization")] {
|
2023-06-17 03:37:39 +00:00
|
|
|
if c.Request.Header.Get("Authorization") == "" {
|
|
|
|
c.JSON(401, gin.H{"error": "No API key provided. Get one at https://discord.gg/9K2BvbXEHT"})
|
|
|
|
} else if strings.HasPrefix(c.Request.Header.Get("Authorization"), "Bearer sk-") {
|
|
|
|
c.JSON(401, gin.H{"error": "You tried to use the official API key which is not supported."})
|
|
|
|
} else if strings.HasPrefix(c.Request.Header.Get("Authorization"), "Bearer eyJhbGciOiJSUzI1NiI") {
|
|
|
|
return
|
|
|
|
} else {
|
|
|
|
c.JSON(401, gin.H{"error": "Invalid API key."})
|
|
|
|
}
|
2023-05-24 15:19:54 +00:00
|
|
|
c.Abort()
|
|
|
|
return
|
|
|
|
}
|
|
|
|
c.Next()
|
|
|
|
}
|