bollwerk

bollwerkadmin/bollwerk

Fork 0

Commit graph

Author	SHA1	Message	Date
Jens Reinemann	cb9bd2bdf4	feat(server): add API-Key authentication for REST endpoints server/plugins/Authentication.kt: - Custom Ktor AuthenticationProvider supporting both X-API-Key header and Authorization: Bearer <key> for API-Key validation - ApiKeyPrincipal data class implementing Principal interface - 401 Unauthorized with ErrorResponse body for missing/invalid keys server/plugins/Routing.kt: - Inventory routes wrapped in authenticate(api-key) block - Health endpoint remains public (no auth required) server/src/main/resources/application.conf: - API key configurable via krisenvorrat.apiKey property - Environment variable override via KRISENVORRAT_API_KEY server/tests: - 7 new AuthenticationTest cases (valid bearer, valid X-API-Key, missing key, invalid bearer, invalid X-API-Key, PUT without key, health without key) - All existing ApplicationTest cases updated with bearer auth header Closes #43	2026-05-14 20:50:16 +02:00
Jens Reinemann	cb190e61e9	feat(server): add Ktor server module with health endpoint New Gradle module :server (Kotlin/JVM) with Ktor 3.1.2 framework, configured as an embedded Netty HTTP server. server/src/main/kotlin/de/krisenvorrat/server/: - Application.kt: entry point using EngineMain for HOCON config - plugins/Routing.kt: GET /health endpoint returning 200 OK - plugins/Serialization.kt: ContentNegotiation with kotlinx.json Configuration: - application.conf (HOCON): host 0.0.0.0, port 8080, module reference - logback.xml: SLF4J/Logback console logging Build config: - server/build.gradle.kts: Ktor plugin with Fat JAR (server.jar) - libs.versions.toml: Ktor 3.1.2, Logback 1.5.18 dependencies - settings.gradle.kts: include(:server) - :server depends on :shared for common DTO models Tests: 2 tests (health endpoint, 404 on unknown route) via Ktor testApplication. Closes #40	2026-05-14 20:06:40 +02:00

Author

SHA1

Message

Date

Jens Reinemann

cb9bd2bdf4

feat(server): add API-Key authentication for REST endpoints

server/plugins/Authentication.kt:
- Custom Ktor AuthenticationProvider supporting both X-API-Key header
  and Authorization: Bearer <key> for API-Key validation
- ApiKeyPrincipal data class implementing Principal interface
- 401 Unauthorized with ErrorResponse body for missing/invalid keys

server/plugins/Routing.kt:
- Inventory routes wrapped in authenticate(api-key) block
- Health endpoint remains public (no auth required)

server/src/main/resources/application.conf:
- API key configurable via krisenvorrat.apiKey property
- Environment variable override via KRISENVORRAT_API_KEY

server/tests:
- 7 new AuthenticationTest cases (valid bearer, valid X-API-Key,
  missing key, invalid bearer, invalid X-API-Key, PUT without key,
  health without key)
- All existing ApplicationTest cases updated with bearer auth header

Closes #43

2026-05-14 20:50:16 +02:00

Jens Reinemann

cb190e61e9

feat(server): add Ktor server module with health endpoint

New Gradle module :server (Kotlin/JVM) with Ktor 3.1.2 framework,
configured as an embedded Netty HTTP server.

server/src/main/kotlin/de/krisenvorrat/server/:
- Application.kt: entry point using EngineMain for HOCON config
- plugins/Routing.kt: GET /health endpoint returning 200 OK
- plugins/Serialization.kt: ContentNegotiation with kotlinx.json

Configuration:
- application.conf (HOCON): host 0.0.0.0, port 8080, module reference
- logback.xml: SLF4J/Logback console logging

Build config:
- server/build.gradle.kts: Ktor plugin with Fat JAR (server.jar)
- libs.versions.toml: Ktor 3.1.2, Logback 1.5.18 dependencies
- settings.gradle.kts: include(:server)
- :server depends on :shared for common DTO models

Tests: 2 tests (health endpoint, 404 on unknown route) via
Ktor testApplication.

Closes #40

2026-05-14 20:06:40 +02:00

2 commits