CodeShellDev
diff --git a/‎Dockerfile‎
Lines changed: 17 additions & 13 deletions b/‎Dockerfile‎
Lines changed: 17 additions & 13 deletions
diff --git a/‎app.py‎
Lines changed: 0 additions & 183 deletions b/‎app.py‎
Lines changed: 0 additions & 183 deletions
diff --git a/‎go.mod‎
Lines changed: 7 additions & 0 deletions b/‎go.mod‎
Lines changed: 7 additions & 0 deletions
diff --git a/‎go.sum‎
Lines changed: 4 additions & 0 deletions b/‎go.sum‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎internals/proxy/proxy.go‎
Lines changed: 167 additions & 0 deletions b/‎internals/proxy/proxy.go‎
Lines changed: 167 additions & 0 deletions
@@ -1,13 +1,17 @@
-FROM python:3.9-alpine
-
-WORKDIR /app
-
-RUN pip install flask requests
-
-COPY . .
-
-ENV PORT=8880
-
-EXPOSE ${PORT}
-
-CMD ["python", "app.py"]
+FROM golang:1.24
+
+WORKDIR /app
+
+COPY go.mod go.sum ./
+
+RUN go mod download
+
+COPY *.go ./
+
+RUN CGO_ENABLED=0 GOOS=linux go build -o /secured-signal-api
+
+ENV PORT=8880
+
+EXPOSE ${PORT}
+
+CMD ["/docker-gs-ping"]
@@ -0,0 +1,7 @@
+module github.com/codeshelldev/secured-signal-api
+
+go 1.24.4
+
+require go.uber.org/zap v1.27.0
+
+require go.uber.org/multierr v1.10.0 // indirect
@@ -0,0 +1,4 @@
+go.uber.org/multierr v1.10.0 h1:S0h4aNzvfcFsC3dRF1jLoaov7oRaKqRGC/pUEJ2yvPQ=
+go.uber.org/multierr v1.10.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y=
+go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8=
+go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E=
@@ -0,0 +1,167 @@
+package proxy
+
+import (
+	"bytes"
+	"encoding/base64"
+	"io"
+	"net/http"
+	"net/http/httputil"
+	"net/url"
+	"os"
+	"slices"
+	"strings"
+	"text/template"
+
+	log "github.com/codeshelldev/secured-signal-api/utils"
+)
+
+type AuthType string
+
+const (
+	Bearer AuthType = "Bearer"
+	Basic AuthType = "Basic"
+	Query AuthType = "Query"
+	None AuthType = ""
+)
+
+func getAuthType(str string) AuthType {
+	switch str {
+	case "Bearer":
+		return Bearer
+	case "Basic":
+		return Basic
+	default:
+		return None
+	}
+}
+
+func renderTemplate(name string, tmplStr string, data any) (string, error) {
+	tmpl, err := template.New(name).Parse(tmplStr)
+
+	if err != nil {
+		return "", err
+	}
+	var buf bytes.Buffer
+
+	err = tmpl.Execute(&buf, data)
+
+	if err != nil {
+		return "", err
+	}
+	return buf.String(), nil
+}
+
+func AuthMiddleware(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
+		log.Info("Request:", req.Method, req.URL.Path)
+
+		token := os.Getenv("API_TOKEN")
+		user := "api"
+
+		authHeader := req.Header.Get("Authorization")
+
+		authQuery := req.URL.Query().Get("authorization")
+
+		var authType AuthType
+
+		success := false
+
+		if authHeader != "" {
+			authBody := strings.Split(authHeader, " ")
+
+			authType = getAuthType(authBody[0])
+			authToken := authBody[1]
+
+			switch authType {
+			case Bearer:
+				if authToken == token {
+					success = true
+				}
+
+			case Basic:
+				basicAuthBody, err := base64.StdEncoding.DecodeString(authToken)
+
+				if err != nil {
+					log.Error("Could not decode Basic Auth Payload: ", err.Error())
+				}
+
+				basicAuth := string(basicAuthBody)
+				basicAuthParams := strings.Split(basicAuth, ":")
+
+				if basicAuthParams[0] == user && basicAuthParams[1] == token {
+					success = true
+				}
+			}
+
+		} else if authQuery != "" {
+			authType = Query
+
+			authToken, _ := url.QueryUnescape(authQuery)
+
+			if authToken == token {
+				success = true
+			}
+		}
+
+		if !success {
+			log.Warn("User failed ", string(authType), " Auth")
+			http.Error(w, "Unauthorized", http.StatusUnauthorized)
+			return
+		}
+
+		next.ServeHTTP(w, req)
+	})
+}
+
+func BlockedEndpointMiddleware(next http.Handler, BLOCKED_ENDPOINTS []string) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
+		reqPath := req.URL.Path
+
+		if slices.Contains(BLOCKED_ENDPOINTS, reqPath) {
+			log.Warn("User tried to access blocked endpoint: ", reqPath)
+			http.Error(w, "Unauthorized", http.StatusUnauthorized)
+			return
+		}
+
+		next.ServeHTTP(w, req)
+	})
+}
+
+func TemplatingMiddleware(next http.Handler, VARIABLES map[string]string) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
+		if req.Body != nil {
+			bodyBytes, err := io.ReadAll(req.Body)
+
+			if err != nil {
+				log.Error("Could not decode Body: ", err.Error())
+				http.Error(w, "Internal Error", http.StatusInternalServerError)
+				return
+			}
+
+			req.Body.Close()
+
+			modifiedBody := string(bodyBytes)
+
+			modifiedBody, _ = renderTemplate("json", modifiedBody, VARIABLES)
+			modifiedBodyBytes := []byte(modifiedBody)
+
+			req.Body = io.NopCloser(bytes.NewReader(modifiedBodyBytes))
+		}
+
+		reqPath := req.URL.Path
+
+		modifiedReqPath, _ := renderTemplate("path", reqPath, VARIABLES)
+
+		req.URL.Path = modifiedReqPath
+
+		next.ServeHTTP(w, req)
+	})
+}
+
+func Create(targetUrl string) *httputil.ReverseProxy {
+	url, _ := url.Parse(targetUrl)
+
+	proxy := httputil.NewSingleHostReverseProxy(url)
+
+	return proxy
+}