API-Key-Authentifizierung: Implementation Ready (Config Prepared) #47

New issue

Closed

opened 2025-06-11 20:02:04 +02:00 by Michael · 0 comments

Michael commented 2025-06-11 20:02:04 +02:00 (Migrated from gitea.dragons-at-work.de)

Copy link

🔄 STATUS: PREPARED FOR ACTIVATION

API-Key-System ist in config/server.lua vorbereitet!

Current Status

• ✅ Config-Structure ready - api_keys in server.lua
• ✅ Header-Detection prepared - X-API-Key parsing ready
• ✅ Permission-System designed - granular permissions
• 🔄 Middleware-Activation - Currently disabled for testing
• 📋 Rate-Limiting - Spam protection
• 📋 Hugo-Integration - API-Key injection

Prepared Configuration

-- config/server.lua (already exists)
api_keys = {
    ["hugo-frontend-key"] = {
        name = "Hugo Frontend",
        permissions = {"mail:send"},
        allowed_ips = {"127.0.0.1", "10.0.0.0/8"}
    }
}

Implementation Plan (Quick Activation)

1. Middleware-Function - auth_check() in main.lua
2. Header-Validation - X-API-Key extraction
3. Permission-Check - Route-specific permissions
4. IP-Validation - allowed_ips checking
5. Error-Responses - 401/403 with proper messages

Ready for Activation

Backend-Infrastructure: COMPLETE ✅
Config-System: PREPARED ✅
Next Step: Middleware-Activation (1-2h implementation)

Note: Currently disabled to allow unrestricted testing

## 🔄 STATUS: PREPARED FOR ACTIVATION **API-Key-System ist in config/server.lua vorbereitet!** ## Current Status - [x] ✅ **Config-Structure ready** - api_keys in server.lua - [x] ✅ **Header-Detection prepared** - X-API-Key parsing ready - [x] ✅ **Permission-System designed** - granular permissions - [ ] 🔄 **Middleware-Activation** - Currently disabled for testing - [ ] 📋 **Rate-Limiting** - Spam protection - [ ] 📋 **Hugo-Integration** - API-Key injection ## Prepared Configuration ```lua -- config/server.lua (already exists) api_keys = { ["hugo-frontend-key"] = { name = "Hugo Frontend", permissions = {"mail:send"}, allowed_ips = {"127.0.0.1", "10.0.0.0/8"} } } ``` ## Implementation Plan (Quick Activation) 1. **Middleware-Function** - auth_check() in main.lua 2. **Header-Validation** - X-API-Key extraction 3. **Permission-Check** - Route-specific permissions 4. **IP-Validation** - allowed_ips checking 5. **Error-Responses** - 401/403 with proper messages ## Ready for Activation **Backend-Infrastructure**: COMPLETE ✅ **Config-System**: PREPARED ✅ **Next Step**: Middleware-Activation (1-2h implementation) **Note**: Currently disabled to allow unrestricted testing

michael added

status

done

and removed

status

to-go

labels 2025-08-14 07:23:17 +02:00

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

feature/structured-logging-health-monitoring

v0.1.4

v0.1.3

v0.1.2

generation-1-archive

debug-monster-anti-pattern

Labels

Clear labels   

apache

Auto-generated label

  

api

Auto-generated label

  

api-contract

Furt: api_design

  

api-gateway

Auto-generated label

  

authentication

Auto-generated label

  

automation

Auto-generated label

  

breaking-change

Breaking Change - Version Bump nötig

  

comments

Auto-generated label

  

component/deployment

Auto-generated label

  

component/documentation

Auto-generated label

  

component/service-management

Auto-generated label

  

configuration

Konfiguration und Setup

  

contact-form

Auto-generated label

  

coordination/cross-repo

Betrifft mehrere Repositories

  

coordination/needed

Benötigt Abstimmung zwischen Teams/Projekten

  

core

Auto-generated label

  

deployment

Build Deploy und DevOps

  

development

Auto-generated label

  

development-ready

Auto-generated label

  

digital-sovereignty

Fördert digitale Souveränität

  

distribution

Auto-generated label

  

effort

large

Großer Aufwand - mehr als 3 Sessions

  

effort

medium

Mittlerer Aufwand - 1-3 Sessions

  

effort

small

Kleiner Aufwand - weniger als 1 Session

  

enhancement

Verbesserung oder neue Funktion

  

frontend

Auto-generated label

  

furt-service

Auto-generated label

  

furt/gateway

Auto-generated label

  

furt/installation

Auto-generated label

  

gateway

API-Gateway Kern-Funktionalität

  

gateway-integration

Auto-generated label

  

generator

Auto-generated label

  

gitea-testing

Auto-generated label

  

health-check

Auto-generated label

  

help-wanted

Community-Input erwünscht

  

hugo

Auto-generated label

  

hugo-integration

Furt: frontend

  

infrastructure

Infrastructure-related

  

installation

Auto-generated label

  

logging

Auto-generated label

  

low-tech

Im Einklang mit Low-Tech-Prinzipien

  

mail

Auto-generated label

  

meta

Auto-generated label

  

meta/duplicate

Duplikat eines anderen Issues

  

meta/planning

Projekt-Management, Planung, Organisation

  

meta/wontfix

Wird bewusst nicht umgesetzt

  

monitoring

Auto-generated label

  

observability

Auto-generated label

  

openapi

Auto-generated label

  

organization

Auto-generated label

  

packaging

Auto-generated label

  

performance

Performance und Optimierung

  

planning

Auto-generated label

  

platform/linux

Auto-generated label

  

priority

high

Hohe Priorität - sofort bearbeiten

  

priority

low

Niedrige Priorität - wenn Zeit vorhanden

  

priority

medium

Mittlere Priorität - normale Bearbeitung

  

production

Auto-generated label

  

question

Frage oder Hilfe benötigt

  

sagjan

Auto-generated label

  

security

Sicherheit und Authentifizierung

  

service

Auto-generated label

  

service-analytics

Furt: service_integration

  

service-development

Service-specific label

  

service-formular2mail

Formular-zu-E-Mail Service

  

service-newsletter

Furt: newsletter

  

service-request

Anfrage für neuen Service

  

service-sagjan

Sagjan Kommentarsystem Integration

  

session

blocker

Blockiert aktuelle Session - muss zuerst gelöst werden

  

session

handover

Session-Übergabe - Dokumentation für nächste Session

  

session

next

Für nächste Session geplant

  

shortcode

Auto-generated label

  

specs

Auto-generated label

  

ssl

Auto-generated label

  

status

blocked

Blockiert durch andere Issues/Dependencies

  

status

done

Abgeschlossen und getestet

  

status

in-progress

Aktuell in Bearbeitung

  

status

review

Fertig - wartet auf Review/Testing

  

status

to-go

Bereit zum Start - keine Blocker

  

systemd

Auto-generated label

  

testing

Tests und Qualitätssicherung

  

tooling

Auto-generated label

  

type

admin

Administrative Aufgaben, Verwaltung

  

type

bug

Fehler beheben

  

type

config

Konfiguration ändern/anpassen

  

type

deployment

Code/Services auf Server deployen

  

type

docs

Dokumentation erstellen/aktualisieren

  

type

enhancement

Bestehende Funktionalität verbessern

  

type

feature

Neue Funktionalität entwickeln

  

type

handover

Session-Übergabe-Dokumentation

  

type

infrastructure

Server, Domains, Infrastruktur-Management

  

type

installation

Software installieren und einrichten

  

type

maintenance

Wartung, Cleanup, Refactoring

  

type

migration

Daten/Services migrieren

  

type/refactor

Auto-generated label

  

type

research

Recherche, Exploration, Konzept-Evaluation

  

type

security

Sicherheitsbezogene Aufgaben

  

type/testing

Auto-generated label

  

v0.1.0

Auto-generated label

No labels

apache

api

api-contract

api-gateway

authentication

automation

breaking-change

comments

component/deployment

component/documentation

component/service-management

configuration

contact-form

coordination/cross-repo

coordination/needed

core

deployment

development

development-ready

digital-sovereignty

distribution

effort

large

effort

medium

effort

small

enhancement

frontend

furt-service

furt/gateway

furt/installation

gateway

gateway-integration

generator

gitea-testing

health-check

help-wanted

hugo

hugo-integration

infrastructure

installation

logging

low-tech

mail

meta

meta/duplicate

meta/planning

meta/wontfix

monitoring

observability

openapi

organization

packaging

performance

planning

platform/linux

priority

high

priority

low

priority

medium

production

question

sagjan

security

service

service-analytics

service-development

service-formular2mail

service-newsletter

service-request

service-sagjan

session

blocker

session

handover

session

next

shortcode

specs

ssl

status

blocked

status

done

status

in-progress

status

review

status

to-go

systemd

testing

tooling

type

admin

type

bug

type

config

type

deployment

type

docs

type

enhancement

type

feature

type

handover

type

infrastructure

type

installation

type

maintenance

type

migration

type/refactor

type

research

type

security

type/testing

v0.1.0

Milestone

Clear milestone

No items

No milestone

v0.1.2 - Gateway Basics

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: DAW/furt#47

No description provided.