74 lines
2.0 KiB
JavaScript
74 lines
2.0 KiB
JavaScript
const express = require('express');
|
|
const parser = require('cookie-parser');
|
|
const jwt = require('jsonwebtoken');
|
|
|
|
const app = express();
|
|
const PORT = process.env.PORT;
|
|
|
|
const version = process.env.VERSION;
|
|
const vBuild = process.env.VERSION_BUILD;
|
|
const vState = process.env.VERSION_STATE;
|
|
|
|
app.use(express.json());
|
|
app.use(parser());
|
|
|
|
app.get('/', (req, res) => {
|
|
res.redirect('/health');
|
|
});
|
|
|
|
app.get('/health', (req, res) => {
|
|
res.json({
|
|
status: "ok",
|
|
service: "api",
|
|
version: version,
|
|
build_number: vBuild,
|
|
version_state: vState
|
|
});
|
|
});
|
|
|
|
// Route pubblica: autenticazione tramite SENSOR_CODE (per il plugin)
|
|
const paramsSensorRoutes = require('./routes/params.sensor');
|
|
app.use('/params/sensor', paramsSensorRoutes);
|
|
|
|
// Middleware di autenticazione per le API
|
|
app.use((req, res, next) => {
|
|
if (req.path === '/health' || req.path === '/') return next();
|
|
|
|
// 1. Service-to-service: x-api-key header
|
|
const apiKey = req.headers['x-api-key'];
|
|
if (apiKey && apiKey === process.env.INTERNAL_API_KEY) {
|
|
req.internal = true;
|
|
return next();
|
|
}
|
|
|
|
// 2. User auth: cookie o Authorization header
|
|
const token = req.cookies?.auth_token
|
|
|| (req.headers.authorization?.startsWith('Bearer ') && req.headers.authorization.slice(7));
|
|
|
|
if (!token) {
|
|
return res.status(401).json({ error: 'Unauthorized: Nessun token di autenticazione fornito' });
|
|
}
|
|
|
|
try {
|
|
const payload = jwt.verify(token, process.env.JWT_SECRET, { algorithms: ['HS256'] });
|
|
req.user = payload;
|
|
next();
|
|
} catch (err) {
|
|
return res.status(401).json({ error: 'Unauthorized: Token non valido o scaduto' });
|
|
}
|
|
});
|
|
|
|
const dataRoutes = require('./routes/data');
|
|
app.use('/data', dataRoutes);
|
|
|
|
const storageRoutes = require('./routes/storage')
|
|
app.use('/storage', storageRoutes)
|
|
|
|
const paramsRoutes = require('./routes/params')
|
|
app.use('/params', paramsRoutes)
|
|
|
|
// Avvio del server
|
|
app.listen(PORT, () => {
|
|
console.log(`Started on port ${PORT}`);
|
|
});
|