diff --git a/server/scripts/ttn-webhook-dummy.py b/server/scripts/ttn-webhook-dummy.py index 2d9ad8e..94c5299 100644 --- a/server/scripts/ttn-webhook-dummy.py +++ b/server/scripts/ttn-webhook-dummy.py @@ -9,14 +9,11 @@ import json import argparse import random -token = "ich-bin-da-token" - -headers = { - "Authorization": f"Bearer {token}", - "Content-Type": "application/json", # Adjust if needed for your payload format -} - -def send_post_request(uri, data): +def send_post_request(uri, data, token): + headers = { + "Authorization": f"Bearer {token}", + "Content-Type": "application/json", + } try: requests.post(uri, json=data, timeout=1, headers=headers) except requests.exceptions.RequestException as e: @@ -31,6 +28,11 @@ def main(): type=str, help="The URI to send POST requests to (e.g., http://127.0.0.1:8080/api)", ) + parser.add_argument( + "token", + type=str, + help="Bearer authorization token)", + ) parser.add_argument( "directory", type=str, @@ -53,7 +55,7 @@ def main(): try: data = json.load(file) print(f"Sending {args.directory} to {args.uri}") - send_post_request(args.uri, data) + send_post_request(args.uri, data, args.token) except json.JSONDecodeError as e: print(f"Error reading {args.directory}: {e}") return @@ -74,7 +76,7 @@ def main(): try: data = json.load(file) print(f"Sending {filename} to {args.uri}") - send_post_request(args.uri, data) + send_post_request(args.uri, data, args.token) except json.JSONDecodeError as e: print(f"Error reading {filename}: {e}") @@ -85,7 +87,7 @@ def main(): try: data = json.load(file) print(f"Sending {filename} to {args.uri}") - send_post_request(args.uri, data) + send_post_request(args.uri, data, args.token) input("Press Enter to send the next file...") except json.JSONDecodeError as e: print(f"Error reading {filename}: {e}") 
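Review bot: In the `@@ -9,14 +9,11 @@` hunk, `send_post_request` still discards the response from `requests.post`, so now that the token is supplied by the caller, a wrong token is answered with 401 by the server and the script reports nothing. Keeping the response and checking it would surface that: `resp = requests.post(uri, json=data, timeout=1, headers=headers)` followed by `resp.raise_for_status()`. The `HTTPError` this raises is a `RequestException`, so the existing `except` clause already covers it. The body of that `except` clause lies outside the hunk, so how the error is reported is not visible here.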
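Review bot: In the `@@ -31,6 +28,11 @@` hunk, taking the bearer token as a positional argument puts the secret on the command line, where it lands in shell history and is readable from the process list by other local users. Reading it from the environment keeps it out of both, for example `parser.add_argument("--token", default=os.environ.get("WEBHOOK_TOKEN"), help="Bearer authorization token")`. That needs `import os` if the file does not already import it (the import block is only partly visible), and the script should exit with a clear message when no token is set. Inserting the new positional between `uri` and `directory` also changes the argument order for existing invocations, and the help string carries a stray `)`. `main()` starts and ends outside this hunk.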
@@ -98,11 +100,10 @@ def main(): try: data = json.load(file) print(f"Sending {filename} to {args.uri}") - send_post_request(args.uri, data) + send_post_request(args.uri, data, args.token) input("Press Enter to send another random file...") except json.JSONDecodeError as e: print(f"Error reading {filename}: {e}") - if __name__ == "__main__": main() diff --git a/server/src/controller/ttnController.ts b/server/src/controller/ttnController.ts index 07281ae..21f723b 100644 --- a/server/src/controller/ttnController.ts +++ b/server/src/controller/ttnController.ts 
@@ -20,38 +20,42 @@ const locationService = container.resolve(LocationService); const router = express.Router(); +const validateBearerToken = (authorizationHeader: string | undefined): boolean => { + if (!authorizationHeader) { + console.log("Authorization header is missing!"); + return false; + } + + const token = authorizationHeader.split(' ')[1]; // Extract token after 'Bearer' + if (!token) { + console.log("Bearer token is missing!"); + return false; + } + + if (token !== process.env.WEBHOOK_TOKEN) { + console.log("Bearer token is incorrect!"); + return false; + } + + return true; +}; + router.post( "/webhook", validateData(ttnMessageValidator), async (req: Request, res: Response) => { try { const authorizationHeader = req.headers['authorization']; - if (!authorizationHeader) { - console.log("Authorization header is missing!"); + + if (!validateBearerToken(authorizationHeader as string)) { res.status(401).json({ error: "Authentication failed" }); return; - } else { - const token = authorizationHeader.split(' ')[1]; // Get the token after 'Bearer' - if (!token) { - console.log("Bearer token is missing!"); - res.status(401).json({ error: "Authentication failed" }); - return; - } - else { - console.log(token) - if (token !== process.env.WEBHOOK_TOKEN) { - console.log("Bearer token is wrong!"); - res.status(401).json({ error: "Authentication failed" }); - return; - } else { - console.log("Bearer token is correct!"); - } - } } + console.log("Bearer token is correct!"); + } catch (error) { - console.log(error); + console.error("Error during authentication:", error); res.status(401).json({ error: "Authentication failed" }); - return; } try {
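Review bot: The `catch` branch at the end of this hunk no longer returns after sending the 401, because the `return;` that followed `res.status(401).json({ error: "Authentication failed" });` was removed; if anything in the authentication `try` throws, the handler falls through into the next `try {` and carries on as if the request had been authenticated. Restoring `return;` after the 401 in the `catch` keeps that path fail-closed. Separately, `token !== process.env.WEBHOOK_TOKEN` in `validateBearerToken` is not a constant-time comparison and the scheme word before the token is never checked; comparing equal-length buffers with `crypto.timingSafeEqual` and requiring the `Bearer` prefix would tighten it. The second `try` block's body lies outside the hunk, so what it does with the payload is inferred rather than visible.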