feat: API-Schlüssel-Authentifizierungsfilter implementieren

- ApiKeyAuthFilter hinzugefügt, um API-Schlüssel aus den Anforderungs-Headern zu validieren. - Der Filter überprüft das Vorhandensein eines API-Schlüssels und dessen Gültigkeit, bevor die Anforderung autorisiert wird. - Der Standardname des API-Schlüssel-Headers ist auf "X-API-Key" festgelegt.
2024-10-28 16:45:22 +01:00 · 2024-10-28 16:45:22 +01:00 · 1ca336abe0
commit 1ca336abe0
parent 6e4a575864
1 changed files with 18 additions and 0 deletions
--- a/WorkFlow.API/Filters/ApiKeyAuthFilter.cs
+++ b/WorkFlow.API/Filters/ApiKeyAuthFilter.cs
@ -0,0 +1,18 @@
+using Microsoft.AspNetCore.Mvc.Filters;
+using Microsoft.AspNetCore.Mvc;
+
+namespace WorkFlow.API.Filters
+{
+    public class ApiKeyAuthFilter(Func<string, bool> isValidKey, string apiKeyHeaderName = "X-API-Key") : IAuthorizationFilter
+    {
+        public void OnAuthorization(AuthorizationFilterContext context)
+        {
+            string? apiKey = context.HttpContext.Request.Headers[apiKeyHeaderName];
+
+            if (apiKey is null || !isValidKey(apiKey))
+            {
+                context.Result = new UnauthorizedResult();
+            }
+        }
+    }
+}