feat(router) : add admin api key and jwt secret in app config (#296)

chikke srujan
2023-01-09 14:03:17 +05:30
committed by GitHub
parent a526d26e0e
commit c36764060e
6 changed files with 20 additions and 9 deletions


@ -69,6 +69,8 @@ level = "DEBUG"
aws_key_id = "" # AWS Account Key ID aws_key_id = "" # AWS Account Key ID
aws_region = "" # AWS Account region aws_region = "" # AWS Account region
temp_card_key = "OJobAzAwOlibOhygIZOqOGideGUdEBeX" # AWS KMS Key temp_card_key = "OJobAzAwOlibOhygIZOqOGideGUdEBeX" # AWS KMS Key
admin_api_key = "test_admin" #admin api key for merchant authentication
jwt_secret= "secret" #secret jwt for merchant
# Locker settings contain details for accessing a card locker, a # Locker settings contain details for accessing a card locker, a
# PCI Compliant storage entity which stores payment method information # PCI Compliant storage entity which stores payment method information
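Review bot: The two added keys, `admin_api_key = "test_admin"` and `jwt_secret= "secret"`, ship guessable values as working defaults, and the same pair is added to the three other config files in this commit. Because the admin check now reads this value from config, a deployment that copies one of these files unchanged accepts `test_admin` as the admin credential. I would leave both values empty in the example, have config validation at startup reject an empty or sample value, and say so in the comment, e.g. `admin_api_key = "" # required: set a long random value per environment`. The `jwt_secret` comment could likewise state that the value must be random and not shared between environments.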


@ -30,6 +30,8 @@ pool_size = 5
[keys] [keys]
temp_card_key = "OJobAzAwOlibOhygIZOqOGideGUdEBeX" # 32 character long key temp_card_key = "OJobAzAwOlibOhygIZOqOGideGUdEBeX" # 32 character long key
admin_api_key = "test_admin"
jwt_secret="secret"
[locker] [locker]
host = "" host = ""


@ -32,6 +32,8 @@ cluster_urls = []
[keys] [keys]
temp_card_key = "OJobAzAwOlibOhygIZOqOGideGUdEBeX" # 32 character long key temp_card_key = "OJobAzAwOlibOhygIZOqOGideGUdEBeX" # 32 character long key
admin_api_key = "test_admin"
jwt_secret="secret"
[locker] [locker]


@ -47,6 +47,8 @@ pub struct Keys {
#[cfg(feature = "kms")] #[cfg(feature = "kms")]
pub aws_region: String, pub aws_region: String,
pub temp_card_key: String, pub temp_card_key: String,
pub jwt_secret: String,
pub admin_api_key: String,
} }
#[derive(Debug, Deserialize, Clone)] #[derive(Debug, Deserialize, Clone)]
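Review bot: `jwt_secret` and `admin_api_key` are added to `Keys` as plain `pub String` fields, so any code that formats or logs the loaded configuration can print them in clear text. The derive list of `Keys` sits above this hunk and is not visible; if it includes `Debug`, as the next struct's does, both fields should use a type whose `Debug` output is redacted, or `Keys` should get a hand-written `Debug` impl that masks them. The new fields also have no doc comments; I would add `/// Secret used for merchant JWTs; must never be logged.` and `/// Shared key checked by the AdminApiKey authentication path.`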


@ -432,7 +432,7 @@ where
{ {
let merchant_account = match api_authentication { let merchant_account = match api_authentication {
ApiAuthentication::Merchant(merchant_auth) => { ApiAuthentication::Merchant(merchant_auth) => {
authenticate_merchant(request, &*state.store, merchant_auth).await? authenticate_merchant(request, state, merchant_auth).await?
} }
ApiAuthentication::Connector(connector_auth) => { ApiAuthentication::Connector(connector_auth) => {
authenticate_connector(request, &*state.store, connector_auth).await? authenticate_connector(request, &*state.store, connector_auth).await?
@ -521,17 +521,17 @@ where
pub async fn authenticate_merchant<'a>( pub async fn authenticate_merchant<'a>(
request: &HttpRequest, request: &HttpRequest,
store: &dyn StorageInterface, state: &AppState,
merchant_authentication: MerchantAuthentication<'a>, merchant_authentication: MerchantAuthentication<'a>,
) -> RouterResult<storage::MerchantAccount> { ) -> RouterResult<storage::MerchantAccount> {
match merchant_authentication { match merchant_authentication {
MerchantAuthentication::ApiKey => { MerchantAuthentication::ApiKey => {
let api_key = let api_key =
get_api_key(request).change_context(errors::ApiErrorResponse::Unauthorized)?; get_api_key(request).change_context(errors::ApiErrorResponse::Unauthorized)?;
authenticate_by_api_key(store, api_key).await authenticate_by_api_key(&*state.store, api_key).await
} }
MerchantAuthentication::MerchantId(merchant_id) => store MerchantAuthentication::MerchantId(merchant_id) => (*state.store)
.find_merchant_account_by_merchant_id(&merchant_id) .find_merchant_account_by_merchant_id(&merchant_id)
.await .await
.map_err(|error| error.to_not_found_response(errors::ApiErrorResponse::Unauthorized)), .map_err(|error| error.to_not_found_response(errors::ApiErrorResponse::Unauthorized)),
@ -539,10 +539,11 @@ pub async fn authenticate_merchant<'a>(
MerchantAuthentication::AdminApiKey => { MerchantAuthentication::AdminApiKey => {
let admin_api_key = let admin_api_key =
get_api_key(request).change_context(errors::ApiErrorResponse::Unauthorized)?; get_api_key(request).change_context(errors::ApiErrorResponse::Unauthorized)?;
if admin_api_key != "test_admin" { utils::when(admin_api_key != state.conf.keys.admin_api_key, || {
Err(report!(errors::ApiErrorResponse::Unauthorized) Err(errors::ApiErrorResponse::Unauthorized)
.attach_printable("Admin Authentication Failure"))?; .into_report()
} .attach_printable("Admin Authentication Failure")
})?;
Ok(storage::MerchantAccount { Ok(storage::MerchantAccount {
id: -1, id: -1,
@ -567,7 +568,7 @@ pub async fn authenticate_merchant<'a>(
MerchantAuthentication::PublishableKey => { MerchantAuthentication::PublishableKey => {
let api_key = let api_key =
get_api_key(request).change_context(errors::ApiErrorResponse::Unauthorized)?; get_api_key(request).change_context(errors::ApiErrorResponse::Unauthorized)?;
authenticate_by_publishable_key(store, api_key).await authenticate_by_publishable_key(&*state.store, api_key).await
} }
} }
} }
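Review bot: In the `MerchantAuthentication::AdminApiKey` arm, `admin_api_key != state.conf.keys.admin_api_key` compares the presented key with the configured secret using ordinary string inequality, which can return at the first differing byte and so is not constant-time. A constant-time byte comparison is the usual choice for credential checks; if the `subtle` crate is available here and `admin_api_key` is a string slice, the condition could become `!bool::from(admin_api_key.as_bytes().ct_eq(state.conf.keys.admin_api_key.as_bytes()))`. The arm also has no guard for an empty configured key, and whether an empty header value could then match depends on `get_api_key`, which is not visible here; rejecting an empty configured value before the comparison would close that. `authenticate_merchant` is spread over several hunks and parts of its body fall outside them.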


@ -23,6 +23,8 @@ host = "redis-queue"
[keys] [keys]
temp_card_key = "OJobAzAwOlibOhygIZOqOGideGUdEBeX" # 32 character long key temp_card_key = "OJobAzAwOlibOhygIZOqOGideGUdEBeX" # 32 character long key
admin_api_key = "test_admin"
jwt_secret="secret"
[locker] [locker]
host = "" host = ""