apikey auth for Org1

Signed-off-by: sapthasurendran <saptha.surendran@ibm.com> removed auth check from live,ready apis.. code format http file changes for apikey comments for getting api key readme update for apikey usage replaced -H with --header apikey config made mandatory fix linting Signed-off-by: sapthasurendran <saptha.surendran@ibm.com>
2026-06-22 01:25:10 +00:00 · 2021-07-27 13:13:18 +05:30 · 2021-07-27 13:13:18 +05:30 · c3a34ef559
commit c3a34ef559
parent d4318c381a
8 changed files with 107 additions and 9 deletions
--- a/README.md
+++ b/README.md
@ -65,35 +65,35 @@ curl --include --request OPTIONS http://localhost:3000/api/assets/asset7
 ### Create an asset...
 ```shell
-curl --include --header "Content-Type: application/json" --request POST --data '{"id":"asset7","color":"red","size":42,"owner":"Jean","appraisedValue":101}' http://localhost:3000/api/assets
+curl --include --header "Content-Type: application/json" --header "api-key:Api-Key <apikeyfororg>" --request POST --data '{"id":"asset7","color":"red","size":42,"owner":"Jean","appraisedValue":101}' http://localhost:3000/api/assets
 ```
 ### Read transaction status...
 ```shell
-curl http://localhost:3000/api/transactions/__transaction_id__
+curl --header "api-key:Api-Key <apikeyfororg>" http://localhost:3000/api/transactions/__transaction_id__
 ```
 ### Read an asset...
 ```shell
-curl http://localhost:3000/api/assets/asset7
+curl --header "api-key:Api-Key <apikeyfororg>" http://localhost:3000/api/assets/asset7
 ```
 ### Update an asset...
 ```shell
-curl --include --header "Content-Type: application/json" --request PUT --data '{"id":"asset7","color":"red","size":11,"owner":"Jean","appraisedValue":101}' http://localhost:3000/api/assets/asset7
+curl --include --header "Content-Type: application/json" --header "api-key:Api-Key <apikeyfororg>" --request PUT --data '{"id":"asset7","color":"red","size":11,"owner":"Jean","appraisedValue":101}' http://localhost:3000/api/assets/asset7
 ```
 ### Transfer an asset...
 ```shell
-curl --include --header "Content-Type: application/json" --request PATCH --data '[{"op":"replace","path":"/owner","value":"Ashleigh"}]' http://localhost:3000/api/assets/asset7
+curl --include --header "Content-Type: application/json" --header "api-key:Api-Key <apikeyfororg>" --request PATCH --data '[{"op":"replace","path":"/owner","value":"Ashleigh"}]' http://localhost:3000/api/assets/asset7
 ```
 ### Delete an asset...
 ```shell
-curl --include --request DELETE http://localhost:3000/api/assets/asset7
+curl --include --header "api-key:Api-Key <apikeyfororg>" --request DELETE http://localhost:3000/api/assets/asset7
 ```
--- a/asset-transfer-basic/rest-api-typescript/package-lock.json
+++ b/asset-transfer-basic/rest-api-typescript/package-lock.json
@ -268,6 +268,15 @@
      "resolved": "https://registry.npmjs.org/@types/node/-/node-15.12.4.tgz",
      "integrity": "sha512-zrNj1+yqYF4WskCMOHwN+w9iuD12+dGm0rQ35HLl9/Ouuq52cEtd0CH9qMgrdNmi5ejC1/V7vKEXYubB+65DkA=="
    },
    "@types/passport": {
      "version": "1.0.7",
      "resolved": "https://registry.npmjs.org/@types/passport/-/passport-1.0.7.tgz",
      "integrity": "sha512-JtswU8N3kxBYgo+n9of7C97YQBT+AYPP2aBfNGTzABqPAZnK/WOAaKfh3XesUYMZRrXFuoPc2Hv0/G/nQFveHw==",
      "dev": true,
      "requires": {
        "@types/express": "*"
      }
    },
    "@types/pino": {
      "version": "6.3.8",
      "resolved": "https://registry.npmjs.org/@types/pino/-/pino-6.3.8.tgz",
@ -1961,6 +1970,29 @@
      "resolved": "https://registry.npmjs.org/parseurl/-/parseurl-1.3.3.tgz",
      "integrity": "sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ=="
    },
    "passport": {
      "version": "0.4.1",
      "resolved": "https://registry.npmjs.org/passport/-/passport-0.4.1.tgz",
      "integrity": "sha512-IxXgZZs8d7uFSt3eqNjM9NQ3g3uQCW5avD8mRNoXV99Yig50vjuaez6dQK2qC0kVWPRTujxY0dWgGfT09adjYg==",
      "requires": {
        "passport-strategy": "1.x.x",
        "pause": "0.0.1"
      }
    },
    "passport-headerapikey": {
      "version": "1.2.2",
      "resolved": "https://registry.npmjs.org/passport-headerapikey/-/passport-headerapikey-1.2.2.tgz",
      "integrity": "sha512-4BvVJRrWsNJPrd3UoZfcnnl4zvUWYKEtfYkoDsaOKBsrWHYmzTApCjs7qUbncOLexE9ul0IRiYBFfBG0y9IVQA==",
      "requires": {
        "lodash": "^4.17.15",
        "passport-strategy": "^1.0.0"
      }
    },
    "passport-strategy": {
      "version": "1.0.0",
      "resolved": "https://registry.npmjs.org/passport-strategy/-/passport-strategy-1.0.0.tgz",
      "integrity": "sha1-tVOaqPwiWj0a0XlHbd8ja0QPUuQ="
    },
    "path-is-absolute": {
      "version": "1.0.1",
      "resolved": "https://registry.npmjs.org/path-is-absolute/-/path-is-absolute-1.0.1.tgz",
@ -1984,6 +2016,11 @@
      "integrity": "sha512-gDKb8aZMDeD/tZWs9P6+q0J9Mwkdl6xMV8TjnGP3qJVJ06bdMgkbBlLU8IdfOsIsFz2BW1rNVT3XuNEl8zPAvw==",
      "dev": true
    },
    "pause": {
      "version": "0.0.1",
      "resolved": "https://registry.npmjs.org/pause/-/pause-0.0.1.tgz",
      "integrity": "sha1-HUCLP9t2kjuVQ9lvtMnf1TXZy10="
    },
    "picomatch": {
      "version": "2.3.0",
      "resolved": "https://registry.npmjs.org/picomatch/-/picomatch-2.3.0.tgz",
--- a/asset-transfer-basic/rest-api-typescript/package.json
+++ b/asset-transfer-basic/rest-api-typescript/package.json
@ -12,6 +12,8 @@
    "helmet": "^4.6.0",
    "http-status-codes": "^2.1.4",
    "ioredis": "^4.27.6",
    "passport": "^0.4.1",
    "passport-headerapikey": "^1.2.2",
    "pino": "^6.11.3",
    "pino-http": "^5.5.0",
    "source-map-support": "^0.5.19"
@ -20,6 +22,7 @@
    "@types/express": "^4.17.12",
    "@types/ioredis": "^4.26.4",
    "@types/node": "^15.12.4",
    "@types/passport": "^1.0.7",
    "@types/pino": "^6.3.8",
    "@types/pino-http": "^5.4.1",
    "@typescript-eslint/eslint-plugin": "^4.28.0",
--- a/asset-transfer-basic/rest-api-typescript/scripts/generateEnv.sh
+++ b/asset-transfer-basic/rest-api-typescript/scripts/generateEnv.sh
@ -30,6 +30,8 @@ REDIS_HOST=localhost
 REDIS_PORT=6379
 ORG1_APIKEY=$(uuidgen)
 #REDIS_USERNAME=
 #REDIS_PASSWORD=
--- a/asset-transfer-basic/rest-api-typescript/src/auth.ts
+++ b/asset-transfer-basic/rest-api-typescript/src/auth.ts
@ -0,0 +1,24 @@
 import { logger } from './logger';
 import { HeaderAPIKeyStrategy } from 'passport-headerapikey';
 import * as config from './config';
 export const fabricAPIKeyStrategy: HeaderAPIKeyStrategy =
  new HeaderAPIKeyStrategy(
    { header: 'api-key', prefix: 'Api-Key ' },
    true,
    function (apikey, done) {
      const user: { org: string } = {
        org: '',
      };
      if (apikey === config.org1ApiKey) {
        user.org = 'Org1';
        logger.info('Organisation set to Org1');
        done(null, user);
        //todo
        //add org2 apikey check
      } else {
        logger.debug('APIKEY Mismatch');
        return done(null, false);
      }
    }
  );
--- a/asset-transfer-basic/rest-api-typescript/src/config.ts
+++ b/asset-transfer-basic/rest-api-typescript/src/config.ts
@ -97,3 +97,9 @@ export const redisUsername = env
  .asString();
 export const redisPassword = env.get('REDIS_PASSWORD').asString();
 export const org1ApiKey = env
  .get('ORG1_APIKEY')
  .required()
  .example('123')
  .asString();
--- a/asset-transfer-basic/rest-api-typescript/src/server.ts
+++ b/asset-transfer-basic/rest-api-typescript/src/server.ts
@ -22,6 +22,8 @@ const {
  SERVICE_UNAVAILABLE,
 } = StatusCodes;
 import { fabricAPIKeyStrategy } from './auth';
 import passport from 'passport';
 export const createServer = async (): Promise<Application> => {
  const app = express();
@ -48,6 +50,12 @@ export const createServer = async (): Promise<Application> => {
  app.use(express.json());
  app.use(express.urlencoded({ extended: true }));
  //define passport startegy
  passport.use(fabricAPIKeyStrategy);
  //initialize passport js
  app.use(passport.initialize());
  if (process.env.NODE_ENV === 'development') {
    // TBC
  }
@ -90,8 +98,16 @@ export const createServer = async (): Promise<Application> => {
    throw new Error('Example error');
  });
-  app.use('/api/assets', assetsRouter);
+  app.use(
-  app.use('/api/transactions', transactionsRouter);
+    '/api/assets',
    passport.authenticate('headerapikey', { session: false }),
    assetsRouter
  );
  app.use(
    '/api/transactions',
    passport.authenticate('headerapikey', { session: false }),
    transactionsRouter
  );
  // For everything else
  app.use((_req, res) =>
--- a/demo.http
+++ b/demo.http
@ -4,18 +4,23 @@
@port = 3000
@baseUrl = http://{{hostname}}:{{port}}/api
-### Get all assets
+//Get the apikey from .env file 
@api-key= Api-Key 295069C9-ABF5-4D2A-A020-2FF9F4E8DF07
 ### Get all assets
 GET {{baseUrl}}/assets HTTP/1.1
 api-key: {{api-key}}
 ### Check if asset exists
 OPTIONS {{baseUrl}}/assets/asset7 HTTP/1.1
 api-key: {{api-key}}
 ### Create asset
 POST {{baseUrl}}/assets HTTP/1.1
 content-type: application/json
 api-key: {{api-key}}
 {
    "id": "asset7",
@ -28,15 +33,18 @@ content-type: application/json
 ### Read transaction status
 GET {{baseUrl}}/transactions/__transaction_id__ HTTP/1.1
 api-key: {{api-key}}
 ### Read asset
 GET {{baseUrl}}/assets/asset7 HTTP/1.1
 api-key: {{api-key}}
 ### Update asset
 PUT {{baseUrl}}/assets/asset7 HTTP/1.1
 content-type: application/json
 api-key: {{api-key}}
 {
    "id": "asset7",
@ -50,6 +58,7 @@ content-type: application/json
 PATCH {{baseUrl}}/assets/asset7 HTTP/1.1
 content-type: application/json
 api-key: {{api-key}}
 [
    {
@ -62,3 +71,4 @@ content-type: application/json
 ### Delete asset
 DELETE {{baseUrl}}/assets/asset7 HTTP/1.1
 api-key: {{api-key}}