Add basic auth to power bi endpoint

2024-06-06 20:25:20 +02:00
parent a5c91c1e88
commit e19d6a8929
4 changed files with 21 additions and 5 deletions
--- a/WebAPI/Controllers/LayersController.cs
+++ b/WebAPI/Controllers/LayersController.cs
@@ -1,4 +1,5 @@
 using System.Globalization;
 using System.Text;
 using DiunaBIWebAPI.dataImporters;
 using Google.Apis.Sheets.v4;
 using Microsoft.AspNetCore.Authorization;
@@ -96,7 +97,7 @@ namespace WebAPI.Controllers
            }
        }
        [HttpGet]
-        [Route("getByNumber/{apiKey}/{number}")]
+        [Route("getForPowerBI/{apiKey}/{number}")]
        public IActionResult GetByNumber(string apiKey, int number)
        {
            if (apiKey != configuration["apiKey"])
@@ -105,11 +106,23 @@ namespace WebAPI.Controllers
            }
            if (
-                !Request.Headers.TryGetValue("D-BI-AUTH", out var authKey)
+                !Request.Headers.TryGetValue("Authorization", out var authHeader))
                || authKey != configuration["authKey"])
            {
                return Unauthorized();
            }
            string[] credentialsArr = authHeader.ToString().Split(" ");
            if (credentialsArr.Length != 2)
            {
                return Unauthorized();
            }
            var authValue = Encoding.UTF8.GetString(Convert.FromBase64String(credentialsArr[1]));
            var username = authValue.Split(':')[0];
            var password = authValue.Split(':')[1];
            if (username != configuration["powerBI-user"] || password != configuration["powerBI-pass"])
            {
                return Unauthorized();
            }
            try
            {
                return Ok(db.Layers
--- a/WebAPI/Program.cs
+++ b/WebAPI/Program.cs
@@ -61,7 +61,7 @@ var app = builder.Build();
 app.Use(async (context, next) =>
 {
    string token = context.Request.Headers["Authorization"].ToString();
-    if (token.Length > 0) {
+    if (token.Length > 0 && !context.Request.Path.ToString().Contains("getForPowerBI")) {
        var handler = new JwtSecurityTokenHandler();
        var data = handler.ReadJwtToken(token.Split(' ')[1]);
        context.Request.Headers.Add("UserId", new Microsoft.Extensions.Primitives.StringValues(data.Subject));
--- a/WebAPI/appsettings.Development.json
+++ b/WebAPI/appsettings.Development.json
@@ -13,7 +13,8 @@
  "GoogleClientId": "107631825312-bkfe438ehr9k9ecb2h76g802tj6advma.apps.googleusercontent.com",
  "Secret": "8393AF8EAEF8478CB738D44858690F9C7E2D19F65896DD9FBAA3EB2A6F493E80",
  "apiKey": "10763478CB738D4ecb2h76g803478CB738D4e",
-  "authKey": "0F9C7E2D19FSLOCgKexz2h76g802tj6a",
+  "powerBI-user": "powerbi",
  "powerBI-pass": "0F9C7E2D19FSLOCgKexz2h76g802tj6a",
  "exportDirectory": "1eTyCUzYbzVQB8f8sbNmvnebFXyW2-axt",
  "appLogsFile": "13PuDvS3_HAYoSLOCgKexzlzIDLUilkApUF8QiJMTae0",
  "apiLocalUrl": "localhost:5400",
--- a/WebAPI/appsettings.json
+++ b/WebAPI/appsettings.json
@@ -14,6 +14,8 @@
  "Secret": "#{google-backend-login-secret}#",
  "apiKey": "#{api-key}#",
  "authKey": "#{auth-key}#",
  "powerBI-user": "#{powerBI-user}#",
  "powerBI-pass": "#{powerBI-pass}#",
  "exportDirectory": "#{export-directory}#",
  "appLogsFile": "#{app-logs-file}#",
  "apiLocalUrl": "#{api-local-url}#",