REST API: add support for API key authentication

2025-12-07 23:00:55 +03:00 · 2021-08-17 18:08:32 +02:00
parent 05c62b9f40
commit fe953d6b38
41 changed files with 3620 additions and 274 deletions
--- a/httpd/auth_utils.go
+++ b/httpd/auth_utils.go
@@ -28,6 +28,7 @@ const (
 const (
 	claimUsernameKey    = "username"
 	claimPermissionsKey = "permissions"
+	claimAPIKey         = "api_key"
 	basicRealm          = "Basic realm=\"SFTPGo\""
 )

@@ -43,6 +44,7 @@ type jwtTokenClaims struct {
 	Username    string
 	Permissions []string
 	Signature   string
+	APIKeyID    string
 }

 func (c *jwtTokenClaims) asMap() map[string]interface{} {
@@ -50,6 +52,9 @@ func (c *jwtTokenClaims) asMap() map[string]interface{} {

 	claims[claimUsernameKey] = c.Username
 	claims[claimPermissionsKey] = c.Permissions
+	if c.APIKeyID != "" {
+		claims[claimAPIKey] = c.APIKeyID
+	}
 	claims[jwt.SubjectKey] = c.Signature

 	return claims
@@ -70,6 +75,13 @@ func (c *jwtTokenClaims) Decode(token map[string]interface{}) {
 		c.Signature = v
 	}

+	if val, ok := token[claimAPIKey]; ok {
+		switch v := val.(type) {
+		case string:
+			c.APIKeyID = v
+		}
+	}
+
 	permissions := token[claimPermissionsKey]
 	switch v := permissions.(type) {
 	case []interface{}: