diff --git a/CHANGELOG.md b/CHANGELOG.md index ec08ed2..f00c8c7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -16,7 +16,16 @@ The format is based on [Keep a Changelog][keepachangelog] and adheres to [Semant ### Fixed -## [0.51.0] - 2025-09-26 +## [0.51.2] - 2025-09-26 + +### Added + +### Changed + +- Enhance gateway configuration by adding RQLiteDSN support and updating default connection settings. Updated config parsing to include RQLiteDSN from YAML and environment variables. Changed default RQLite connection URL from port 4001 to 5001. +- Update CHANGELOG.md for version 0.51.2, enhance API key extraction to support query parameters, and implement internal auth context in status and storage handlers. + +## [0.51.1] - 2025-09-26 ### Added @@ -29,6 +38,7 @@ The format is based on [Keep a Changelog][keepachangelog] and adheres to [Semant - Updated node/node.go on loadOrCreateIdentity to use encryption.identity - Updated cli/main.go to remove fallbacks for identity - Updated install-debros-network.sh script to use new ./cmd/identity and fixed port order on print +- Updated makefile and changelog ### Deprecated @@ -37,7 +47,7 @@ The format is based on [Keep a Changelog][keepachangelog] and adheres to [Semant ### Fixed -## [0.50.1] - 2025-09-23 +## [0.50.0] - 2025-09-23 ### Added diff --git a/pkg/gateway/middleware.go b/pkg/gateway/middleware.go index 8f786a3..b22c5bc 100644 --- a/pkg/gateway/middleware.go +++ b/pkg/gateway/middleware.go @@ -130,7 +130,7 @@ func (g *Gateway) authMiddleware(next http.Handler) http.Handler { }) } -// extractAPIKey extracts API key from Authorization or X-API-Key +// extractAPIKey extracts API key from Authorization, X-API-Key header, or query parameters func extractAPIKey(r *http.Request) string { // Prefer Authorization header auth := r.Header.Get("Authorization") @@ -148,10 +148,18 @@ func extractAPIKey(r *http.Request) string { return strings.TrimSpace(auth) } } - // Fallback header + // Fallback to X-API-Key header if v := strings.TrimSpace(r.Header.Get("X-API-Key")); v != "" { return v } + // Fallback to query parameter (for WebSocket support) + if v := strings.TrimSpace(r.URL.Query().Get("api_key")); v != "" { + return v + } + // Also check token query parameter (alternative name) + if v := strings.TrimSpace(r.URL.Query().Get("token")); v != "" { + return v + } return "" } diff --git a/pkg/gateway/status_handlers.go b/pkg/gateway/status_handlers.go index 37d6448..f0666c3 100644 --- a/pkg/gateway/status_handlers.go +++ b/pkg/gateway/status_handlers.go @@ -60,7 +60,8 @@ func (g *Gateway) statusHandler(w http.ResponseWriter, r *http.Request) { writeError(w, http.StatusServiceUnavailable, "client not initialized") return } - ctx := r.Context() + // Use internal auth context to bypass client credential requirements + ctx := client.WithInternalAuth(r.Context()) status, err := g.client.Network().GetStatus(ctx) if err != nil { writeError(w, http.StatusInternalServerError, err.Error()) diff --git a/pkg/gateway/storage_handlers.go b/pkg/gateway/storage_handlers.go index 01d0ef0..3c283e1 100644 --- a/pkg/gateway/storage_handlers.go +++ b/pkg/gateway/storage_handlers.go @@ -3,6 +3,8 @@ package gateway import ( "encoding/json" "net/http" + + "github.com/DeBrosOfficial/network/pkg/client" ) // Database HTTP handlers @@ -12,7 +14,8 @@ func (g *Gateway) networkStatusHandler(w http.ResponseWriter, r *http.Request) { writeError(w, http.StatusServiceUnavailable, "client not initialized") return } - ctx := r.Context() + // Use internal auth context to bypass client credential requirements + ctx := client.WithInternalAuth(r.Context()) status, err := g.client.Network().GetStatus(ctx) if err != nil { writeError(w, http.StatusInternalServerError, err.Error()) @@ -26,7 +29,8 @@ func (g *Gateway) networkPeersHandler(w http.ResponseWriter, r *http.Request) { writeError(w, http.StatusServiceUnavailable, "client not initialized") return } - ctx := r.Context() + // Use internal auth context to bypass client credential requirements + ctx := client.WithInternalAuth(r.Context()) peers, err := g.client.Network().GetPeers(ctx) if err != nil { writeError(w, http.StatusInternalServerError, err.Error())