added token configs

* removed `api.token` in favor of `api.tokens`
* added configs for tokens to override settings from main config

Author: CodeShellDev

.github/templates/README.template.md

@@ -10,7 +10,7 @@ Get the latest version of the `docker-compose.yaml` file:
 { { file.docker-compose.yaml } }
 ```
 
-And add secure Token(s) to `api.tokens`. See [API TOKEN(s)](#api-tokens).
+And add secure Token(s) to `api.tokens`. See [API TOKENs](#api-tokens).
 
 > [!IMPORTANT]
 > This Documentation will be using `sec-signal-api:8880` as the service host,
@@ -130,7 +130,7 @@ Supported types include **strings**, **ints** and **arrays**. See [Formatting](#
 
 There are multiple ways to configure Secured Signal API, you can optionally use `config.yml` aswell as Environment Variables to override the config.
 
-### Config File
+### Config Files
 
 Config files allow **YML** formatting and also `${ENV}` to get Environment Variables.
 
@@ -142,6 +142,18 @@ This example config shows all of the individual settings that can be applied:
 { { file.examples/config.yml } }
 ```
 
+#### Token Configs
+
+You can also override the `config.yml` file for each individual token by adding configs under `TOKENS_PATH` (default: `config/tokens/`)
+
+This way you can permission tokens by further restricting or adding [Endpoints](#blocked-endpoints), [Placeholders](#variables), etc.
+
+Here is an example:
+
+```yaml
+{ { file.examples/token.yml } }
+```
+
 ### Environment
 
 Suppose you want to set a new [Placeholder](#placeholders) `NUMBER` in your Environment...
@@ -182,12 +194,8 @@ If you are using Environment Variables as an example you won't be able to specif
 
 During Authentication Secured Signal API will try to match the given Token against the list of Tokens inside of these Variables.
 
-> [!NOTE]
-> Both `api.token` and `api.tokens` support multiple Tokens.
-
 ```yaml
 api:
-  token: [token1, token2, token3]
   tokens: [token1, token2, token3]
 ```
 

examples/token.yml

@@ -0,0 +1,7 @@
+token: LOOOONG_STRING
+
+overrides:
+  variables: # Disable Placeholder
+  blockedEndpoints: # Disable Sending
+    - /v2/send
+  messageAliases: # Disable Aliases

utils/config/config.go

@@ -1,161 +1,92 @@
 package config
 
 import (
-	"errors"
-	"io/fs"
 	"os"
+	"path/filepath"
 	"strconv"
 	"strings"
 	"sync"
 
-	middlewares "github.com/codeshelldev/secured-signal-api/internals/proxy/middlewares"
-	"github.com/codeshelldev/secured-signal-api/utils"
 	log "github.com/codeshelldev/secured-signal-api/utils/logger"
 	"github.com/codeshelldev/secured-signal-api/utils/safestrings"
 
-	"github.com/knadh/koanf/parsers/yaml"
 	"github.com/knadh/koanf/providers/confmap"
 	"github.com/knadh/koanf/providers/env/v2"
 	"github.com/knadh/koanf/providers/file"
 	"github.com/knadh/koanf/v2"
 )
 
-type ENV_ struct {
-	CONFIG_PATH			string
-	DEFAULTS_PATH		string
-	TOKENS_DIR			string
-	LOG_LEVEL			string
-	PORT 				string
-	API_URL 			string
-	API_TOKENS 			[]string
-	INSECURE			bool
-	BLOCKED_ENDPOINTS 	[]string
-	VARIABLES 			map[string]any
-	MESSAGE_ALIASES 	[]middlewares.MessageAlias
-}
-
-var ENV ENV_ = ENV_{
-	CONFIG_PATH: os.Getenv("CONFIG_PATH"),
-	DEFAULTS_PATH: os.Getenv("DEFAULTS_PATH"),
-	TOKENS_DIR: os.Getenv("TOKENS_DIR"),
-	API_TOKENS: []string{},
-	BLOCKED_ENDPOINTS: []string{},
-	MESSAGE_ALIASES: []middlewares.MessageAlias{},
-	VARIABLES: map[string]any{},
-	INSECURE: false,
-}
-
 var defaultsLayer = koanf.New(".")
 var userLayer = koanf.New(".")
+var tokensLayer = koanf.New(".")
 
 var config *koanf.Koanf
 
 var configLock sync.Mutex
 
-func InitEnv() {
-	ENV.PORT = strconv.Itoa(config.Int("server.port"))
-
-	ENV.LOG_LEVEL = config.String("loglevel")
-	
-	ENV.API_URL = config.String("api.url")
-
-	apiTokens := config.Strings("api.tokens")
-
-	if len(apiTokens) <= 0 {
-		apiTokens = config.Strings("api.token")
-
-		if len(apiTokens) <= 0 {
-			log.Warn("No API TOKEN provided this is NOT recommended")
+func LoadFile(path string, config *koanf.Koanf, parser koanf.Parser) (koanf.Provider, error) {
+	f := file.Provider(path)
 
-			log.Info("Disabling Security Features due to incomplete Congfiguration")
+	err := config.Load(f, parser)
 
-			ENV.INSECURE = true
+	if err != nil {
+		return nil, err
+	}
 
-			// Set Blocked Endpoints on Config to User Layer Value
-			// => effectively ignoring Default Layer
-			config.Set("blockedendpoints", userLayer.Strings("blockeendpoints"))
+	f.Watch(func(event any, err error) {
+		if err != nil {
+			return
 		}
-	}
 
-	if len(apiTokens) > 0 {
-		log.Debug("Registered " + strconv.Itoa(len(apiTokens)) + " Tokens")	
+		log.Info(path, " changed, Reloading...")
 
-		ENV.API_TOKENS = apiTokens
-	}
-
-	config.Unmarshal("messagealiases", &ENV.MESSAGE_ALIASES)
+		configLock.Lock()
+		defer configLock.Unlock()
 
-	transformChildren(config, "variables", func(key string, value any) (string, any) {
-		return strings.ToUpper(key), value
+		Load()
 	})
 
-	config.Unmarshal("variables", &ENV.VARIABLES)
-
-	ENV.BLOCKED_ENDPOINTS = config.Strings("blockedendpoints")
+	return f, err
 }
 
-func Load() {
-	log.Debug("Loading Config ", ENV.DEFAULTS_PATH)
-
-	_, defErr := LoadFile(ENV.DEFAULTS_PATH, defaultsLayer, yaml.Parser())
+func LoadDir(path string, dir string, config *koanf.Koanf, parser koanf.Parser) error {
+    files, err := filepath.Glob(filepath.Join(dir, "*.yml"))
 
-	if defErr != nil {
-		log.Warn("Could not Load Defaults", ENV.DEFAULTS_PATH)
-	}
-
-	log.Debug("Loading Config ", ENV.CONFIG_PATH)
+    if err != nil {
+        return err
+    }
 
-	_, conErr := LoadFile(ENV.CONFIG_PATH, userLayer, yaml.Parser())
+    for i, file := range files {
+		tmp := koanf.New(".")
 
-	if conErr != nil {
-		_, err := os.Stat(ENV.CONFIG_PATH)
+        _, err := LoadFile(file, tmp, parser)
 
-		if !errors.Is(err, fs.ErrNotExist) {
-			log.Error("Could not Load Config ", ENV.CONFIG_PATH, ": ", conErr.Error())
+		if err != nil {
+			return err
 		}
-	}
-
-	log.Debug("Loading DotEnv")
-
-	LoadEnv(userLayer)
-
-	config = mergeLayers()
 
-	normalizeKeys(config)
-
-	templateConfig(config)
-
-	InitEnv()
-
-	log.Info("Finished Loading Configuration")
+		config.Set(path + "." + strconv.Itoa(i), tmp.All())
+    }
 
-	log.Dev(utils.ToJson(config.All()))
-	log.Dev(utils.ToJson(ENV))
+    return nil
 }
 
-func LoadFile(path string, config *koanf.Koanf, parser koanf.Parser) (koanf.Provider, error) {
-	f := file.Provider(path)
+func LoadEnv(config *koanf.Koanf) (koanf.Provider, error) {
+	e := env.Provider(".", env.Opt{
+		TransformFunc: normalizeEnv,
+	})
 
-	err := config.Load(f, parser)
+	err := config.Load(e, nil)
 
 	if err != nil {
-		return nil, err
+		log.Fatal("Error loading env: ", err.Error())
 	}
 
-	f.Watch(func(event any, err error) {
-		if err != nil {
-			return
-		}
-
-		log.Info("Config changed, Reloading...")
-
-		configLock.Lock()
-		defer configLock.Unlock()
-
-		Load()
-	})
+	return e, err
+}
 
-	return f, err
+func mergeConfig(path string, mergeInto *koanf.Koanf, mergeFrom *koanf.Koanf) {
+	mergeInto.MergeAt(mergeFrom, path)
 }
 
 func templateConfig(config *koanf.Koanf) {
@@ -176,20 +107,6 @@ func templateConfig(config *koanf.Koanf) {
     config.Load(confmap.Provider(data, "."), nil)
 }
 
-func LoadEnv(config *koanf.Koanf) (koanf.Provider, error) {
-	e := env.Provider(".", env.Opt{
-		TransformFunc: normalizeEnv,
-	})
-
-	err := config.Load(e, nil)
-
-	if err != nil {
-		log.Fatal("Error loading env: ", err.Error())
-	}
-
-	return e, err
-}
-
 func mergeLayers() *koanf.Koanf {
 	final := koanf.New(".")
 

utils/config/loader.go

@@ -0,0 +1,118 @@
+package config
+
+import (
+	"errors"
+	"io/fs"
+	"os"
+	"strconv"
+	"strings"
+
+	"github.com/codeshelldev/secured-signal-api/internals/proxy/middlewares"
+	"github.com/codeshelldev/secured-signal-api/utils"
+	log "github.com/codeshelldev/secured-signal-api/utils/logger"
+	"github.com/knadh/koanf/parsers/yaml"
+)
+
+type ENV_ struct {
+	CONFIG_PATH			string
+	DEFAULTS_PATH		string
+	TOKENS_DIR			string
+	LOG_LEVEL			string
+	PORT 				string
+	API_URL 			string
+	API_TOKENS 			[]string
+	SETTINGS			map[string]*SETTING_
+	INSECURE			bool
+}
+
+type SETTING_ struct {
+	BLOCKED_ENDPOINTS 	[]string
+	VARIABLES 			map[string]any
+	MESSAGE_ALIASES 	[]middlewares.MessageAlias
+}
+
+var ENV ENV_ = ENV_{
+	CONFIG_PATH: os.Getenv("CONFIG_PATH"),
+	DEFAULTS_PATH: os.Getenv("DEFAULTS_PATH"),
+	TOKENS_DIR: os.Getenv("TOKENS_DIR"),
+	API_TOKENS: []string{},
+	SETTINGS: map[string]*SETTING_{
+		"*": &SETTING_{
+			BLOCKED_ENDPOINTS: []string{},
+			MESSAGE_ALIASES: []middlewares.MessageAlias{},
+			VARIABLES: map[string]any{},
+		},
+	},
+	INSECURE: false,
+}
+
+func InitEnv() {
+	ENV.PORT = strconv.Itoa(config.Int("server.port"))
+
+	ENV.LOG_LEVEL = config.String("loglevel")
+	
+	ENV.API_URL = config.String("api.url")
+
+	InitTokens()
+
+	defaultSettings := ENV.SETTINGS["*"]
+
+	config.Unmarshal("messagealiases", &defaultSettings.MESSAGE_ALIASES)
+
+	transformChildren(config, "variables", func(key string, value any) (string, any) {
+		return strings.ToUpper(key), value
+	})
+
+	config.Unmarshal("variables", &defaultSettings.VARIABLES)
+
+	defaultSettings.BLOCKED_ENDPOINTS = config.Strings("blockedendpoints")
+}
+
+func Load() {
+	LoadDefaults()
+
+	LoadConfig()
+
+	LoadTokens()
+
+	log.Debug("Loading DotEnv")
+
+	LoadEnv(userLayer)
+
+	config = mergeLayers()
+
+	normalizeKeys(config)
+
+	templateConfig(config)
+
+	InitEnv()
+
+	log.Info("Finished Loading Configuration")
+
+	log.Dev(utils.ToJson(config.All()))
+	log.Dev(utils.ToJson(ENV))
+}
+
+func LoadDefaults() {
+	log.Debug("Loading Config ", ENV.DEFAULTS_PATH)
+
+	_, defErr := LoadFile(ENV.DEFAULTS_PATH, defaultsLayer, yaml.Parser())
+
+	if defErr != nil {
+		log.Warn("Could not Load Defaults", ENV.DEFAULTS_PATH)
+	}
+}
+
+func LoadConfig() {
+	log.Debug("Loading Config ", ENV.CONFIG_PATH)
+
+	_, conErr := LoadFile(ENV.CONFIG_PATH, userLayer, yaml.Parser())
+
+	if conErr != nil {
+		_, err := os.Stat(ENV.CONFIG_PATH)
+
+		if !errors.Is(err, fs.ErrNotExist) {
+			log.Error("Could not Load Config ", ENV.CONFIG_PATH, ": ", conErr.Error())
+		}
+	}
+}