api-doorman
Simple proxy for traking API usage in TimescaleDB and authenticating requests by keys.
The proxy is prepared to be used for Text-to-Spech application. We want to deny unlimited access to everyone.
Lets say we have API with a path http://localhost:8002/private. The API accepts JSON {"text":"Some text to synthesize"}
. And we want to add quota for users based on count of characters in JSON's text field. The proxy can allow 1) access with some default quota to everyone (based on referer's IP), 2) access with configured quota values for users with provided key.
Demo
-
Go to examples/docker-compose
-
Start a demo: make start
-
Test fake api by investigating Makefile and docker-compose.yml:
make test/api/public
make test/api/private
make test/api/key
-
Add new key to DB: make test/adm/add
Expected result:
{"key":"XK3JoSyC48cxgvvkpUF4", "manual":true,
"validTo":"2030-11-24T11:07:00Z", "limit":500 ...}
-
Retrieve available keys from DB: make test/adm/key-list
-
Access private API: make test/api/key key=<<created key>>
. Sample: make test/api/key key=XK3JoSyC48cxgvvkpUF4
-
Clean demo
make clean
# or
sudo make clean
Note: the proxy must be not exposed to the Internet directly! It is expected to work under some real proxy like: nginx, traefik or other. It uses X-FORWARDED-FOR header value to detect IP.
License
Copyright © 2022, Airenas Vaičiūnas.
Released under the The 3-Clause BSD License.