aime.rolandi/api-v2
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Se crea una autenticacion en el header para limitar el acceso a gethash

Browse Source
This commit is contained in:
aime.rolandi 2025-04-16 13:45:11 -03:00
parent e1ac74edce
commit d72cc1a8bf
1 changed files with 55 additions and 39 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
lib/api_web/controllers/get_hash.ex
View File

@ -4,10 +4,17 @@ defmodule ApiWeb.GetHash do
import Ecto.Query import Ecto.Query
require Logger require Logger
@valid_token "XHg0NWNhN2I3MTljNTRlOGU4NTAwOTljMDYwNTgxNDBmNzc5MTgxMzM3NmJmZTMwOGJjMGM4N2VkMzYwODUwMDFl"
def index(conn, %{"study" => accessionnumber}) do def index(conn, %{"study" => accessionnumber}) do
Envar.load(".env") Envar.load(".env")
Envar.require_env_file(".env") Envar.require_env_file(".env")
if not valid_token?(conn) do
conn
|> put_status(:unauthorized)
|> json(%{error: "Token inválido o ausente"})
else
Logger.info("Accession get hash -> #{accessionnumber}") Logger.info("Accession get hash -> #{accessionnumber}")
studyidentifier = Envar.get("IDENTIFIERFIELD") || "IDSTUDY" studyidentifier = Envar.get("IDENTIFIERFIELD") || "IDSTUDY"
@ -53,6 +60,7 @@ defmodule ApiWeb.GetHash do
|> json(%{hash: token}) |> json(%{hash: token})
end end
end end
end
def generate_token(json) do def generate_token(json) do
json_string = Jason.encode!(json) json_string = Jason.encode!(json)
@ -63,4 +71,12 @@ defmodule ApiWeb.GetHash do
token token
end end
defp valid_token?(conn) do
case get_req_header(conn, "authorization") do
["Bearer " <> token] -> token == @valid_token
_ -> false
end
end
end end