Backend GKE Deploy, access key for backend

- Configs and automation for deploying backend to GKE - First steps to adding an optional token check for requests to backend - First steps frontend sending optional token to backend when configured
2025-08-07 00:08:41 +00:00 · 2024-05-10 16:07:58 -04:00
parent 0fedaef537
commit e6c2042df6
17 changed files with 296 additions and 39 deletions
--- a/src/app.ts
+++ b/src/app.ts
@ -3,7 +3,8 @@ import express from 'express';
 import cors from 'cors';
 import http from 'http';
 import routes from './routes';
-import { getPort } from './config';
+import { requireAccessKey } from './auth';
+import { getAccessKey, getPort } from './config';
 import logger from './utils/logger';

 const port = getPort();
@ -23,6 +24,10 @@ app.get('/api', (_, res) => {
  res.status(200).json({ status: 'ok' });
 });

+if (getAccessKey()) {
+  app.all('*', requireAccessKey);
+};
+
 server.listen(port, () => {
  logger.info(`Server is running on port ${port}`);
 });
--- a/src/auth.ts
+++ b/src/auth.ts
@ -0,0 +1,18 @@
+import {
+  getAccessKey,
+} from '../config';
+
+const requireAccessKey = (req, res, next) => {
+    const authHeader = req.headers.authorization;
+
+    if (authHeader) {
+        const token = authHeader.split(' ')[1];
+
+        if (token !== getAccessKey()) {
+            return res.sendStatus(403);
+        }
+        next();
+    } else {
+        res.sendStatus(401);
+    }
+};
--- a/src/config.ts
+++ b/src/config.ts
@ -8,6 +8,7 @@ interface Config {
  GENERAL: {
    PORT: number;
    SIMILARITY_MEASURE: string;
+    SUPER_SECRET_KEY: string;
  };
  API_KEYS: {
    OPENAI: string;
@ -28,18 +29,38 @@ const loadConfig = () =>
    fs.readFileSync(path.join(__dirname, `../${configFileName}`), 'utf-8'),
  ) as any as Config;

+const loadEnv = () => {
+  return {
+    GENERAL: {
+      PORT: Number(process.env.PORT),
+      SIMILARITY_MEASURE: process.env.SIMILARITY_MEASURE,
+      SUPER_SECRET_KEY: process.env.SUPER_SECRET_KEY
+    },
+    API_KEYS: {
+      OPENAI: process.env.OPENAI,
+      GROQ: process.env.GROQ
+    },
+    API_ENDPOINTS: {
+      SEARXNG: process.env.SEARXNG_API_URL,
+      OLLAMA: process.env.OLLAMA_API_URL
+    }
+  } as Config;
+};
+
 export const getPort = () => loadConfig().GENERAL.PORT;

+export const getAccessKey = () => loadEnv().GENERAL.SUPER_SECRET_KEY || loadConfig().GENERAL.SUPER_SECRET_KEY;
+
 export const getSimilarityMeasure = () =>
  loadConfig().GENERAL.SIMILARITY_MEASURE;

-export const getOpenaiApiKey = () => loadConfig().API_KEYS.OPENAI;
+export const getOpenaiApiKey = () => loadEnv().API_KEYS.OPENAI || loadConfig().API_KEYS.OPENAI;

-export const getGroqApiKey = () => loadConfig().API_KEYS.GROQ;
+export const getGroqApiKey = () => loadEnv().API_KEYS.GROQ || loadConfig().API_KEYS.GROQ;

-export const getSearxngApiEndpoint = () => loadConfig().API_ENDPOINTS.SEARXNG;
+export const getSearxngApiEndpoint = () => loadEnv().API_ENDPOINTS.SEARXNG || loadConfig().API_ENDPOINTS.SEARXNG;

-export const getOllamaApiEndpoint = () => loadConfig().API_ENDPOINTS.OLLAMA;
+export const getOllamaApiEndpoint = () => loadEnv().API_ENDPOINTS.OLLAMA || loadConfig().API_ENDPOINTS.OLLAMA;

 export const updateConfig = (config: RecursivePartial<Config>) => {
  const currentConfig = loadConfig();