From 7c08d7b615afdb0fc4233b524e09264a3463ce09 Mon Sep 17 00:00:00 2001
From: CristhianF7 <CristhianF7@gmail.com>
Date: Thu, 10 Aug 2023 13:50:19 -0500
Subject: [PATCH] feat: api authentication

---
 .env.example                             |  4 +++-
 charts/console/templates/deployment.yaml |  5 +++++
 pages/api/proxy.ts                       | 12 ++++++++++--
 3 files changed, 18 insertions(+), 3 deletions(-)

diff --git a/.env.example b/.env.example
index 9d9a317a..3d9194e1 100644
--- a/.env.example
+++ b/.env.example
@@ -5,4 +5,6 @@ DISABLE_TELEMETRY=false
 INSTALL_METHOD=helm
 IS_CLUSTER_ZERO=true
 KUBEFIRST_VERSION=1.10.7
-POSTHOG_KEY=phc_1i5RDnv8Byf9w05fV8l02GSltpDwF9iyf0ry0U0Fw4r
\ No newline at end of file
+POSTHOG_KEY=phc_1i5RDnv8Byf9w05fV8l02GSltpDwF9iyf0ry0U0Fw4r
+# Make sure the K1_ACCESS_TOKEN value matches the env var in the api
+K1_ACCESS_TOKEN=feedkray
\ No newline at end of file
diff --git a/charts/console/templates/deployment.yaml b/charts/console/templates/deployment.yaml
index cbfe1dea..3c501107 100644
--- a/charts/console/templates/deployment.yaml
+++ b/charts/console/templates/deployment.yaml
@@ -43,6 +43,11 @@ spec:
               value: {{ .Values.isClusterZero | default "true" | quote }}
             - name: INSTALL_METHOD
               value: {{ .Values.installMethod | default "helm" }}
+            - name: K1_ACCESS_TOKEN
+              valueFrom:
+                secretKeyRef:
+                  name: {{ .Values.existingSecret | default "kubefirst-initial-secrets" }}
+                  key: K1_ACCESS_TOKEN
           securityContext:
             {{- toYaml .Values.securityContext | nindent 12 }}
           image: "{{ .Values.image.repository }}:{{ .Values.image.tag | default .Chart.AppVersion }}"
diff --git a/pages/api/proxy.ts b/pages/api/proxy.ts
index c353f306..444bded5 100644
--- a/pages/api/proxy.ts
+++ b/pages/api/proxy.ts
@@ -2,7 +2,7 @@ import axios from 'axios';
 import type { NextApiRequest, NextApiResponse } from 'next';
 
 export default async function handler(req: NextApiRequest, res: NextApiResponse) {
-  const { API_URL = '' } = process.env;
+  const { API_URL = '', K1_ACCESS_TOKEN = '' } = process.env;
   const { body, url } = req.body;
   const { url: queryUrl } = req.query;
 
@@ -15,7 +15,15 @@ export default async function handler(req: NextApiRequest, res: NextApiResponse)
   // eslint-disable-next-line no-console
   console.log(`METHOD: ${req.method} URL: ${kubefirstEndpointUrl}`);
   try {
-    const response = await axios({ url: kubefirstEndpointUrl, data: body, method: req.method });
+    const response = await axios({
+      url: kubefirstEndpointUrl,
+      data: body,
+      method: req.method,
+      headers: {
+        ...req.headers,
+        Authorization: `Bearer ${K1_ACCESS_TOKEN}`,
+      },
+    });
     res.status(200).json(response.data);
     // eslint-disable-next-line @typescript-eslint/no-explicit-any
   } catch (error: any) {