From 1ca336abe043c199ec8237a60543168eb39bc834 Mon Sep 17 00:00:00 2001
From: Developer 02 <developer02@didaloghe.onmicrosoft.com>
Date: Mon, 28 Oct 2024 16:45:22 +0100
Subject: [PATCH] =?UTF-8?q?feat:=20API-Schl=C3=BCssel-Authentifizierungsfi?=
 =?UTF-8?q?lter=20implementieren?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- ApiKeyAuthFilter hinzugefügt, um API-Schlüssel aus den Anforderungs-Headern zu validieren.
- Der Filter überprüft das Vorhandensein eines API-Schlüssels und dessen Gültigkeit, bevor die Anforderung autorisiert wird.
- Der Standardname des API-Schlüssel-Headers ist auf "X-API-Key" festgelegt.
---
 WorkFlow.API/Filters/ApiKeyAuthFilter.cs | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)
 create mode 100644 WorkFlow.API/Filters/ApiKeyAuthFilter.cs

diff --git a/WorkFlow.API/Filters/ApiKeyAuthFilter.cs b/WorkFlow.API/Filters/ApiKeyAuthFilter.cs
new file mode 100644
index 0000000..052b391
--- /dev/null
+++ b/WorkFlow.API/Filters/ApiKeyAuthFilter.cs
@@ -0,0 +1,18 @@
+using Microsoft.AspNetCore.Mvc.Filters;
+using Microsoft.AspNetCore.Mvc;
+
+namespace WorkFlow.API.Filters
+{
+    public class ApiKeyAuthFilter(Func<string, bool> isValidKey, string apiKeyHeaderName = "X-API-Key") : IAuthorizationFilter
+    {
+        public void OnAuthorization(AuthorizationFilterContext context)
+        {
+            string? apiKey = context.HttpContext.Request.Headers[apiKeyHeaderName];
+
+            if (apiKey is null || !isValidKey(apiKey))
+            {
+                context.Result = new UnauthorizedResult();
+            }
+        }
+    }
+}
\ No newline at end of file