diff --git a/README.md b/README.md index c53d053..5871cdd 100644 --- a/README.md +++ b/README.md @@ -192,7 +192,7 @@ More detailed documentation of every endpoint will come.. ### Authentication -If you want to use command or logging endpoints such as `/api/v1/cars/:CarID/command/:Command`, `/api/v1/cars/:CarID/wake_up`, or `/api/v1/cars/:CarID/logging/:Command` you need to add authentication to your request. +All endpoints that interact with TeslaMate require authentication. You need to specify a token yourself (called **API_TOKEN**) in the environment variables file, to set it. The token has the requirement to be a minimum of 32 characters long. diff --git a/src/v1_TeslaMateAPICars.go b/src/v1_TeslaMateAPICars.go index fa262ea..2dc77e8 100644 --- a/src/v1_TeslaMateAPICars.go +++ b/src/v1_TeslaMateAPICars.go @@ -1,6 +1,8 @@ package main import ( + "net/http" + "github.com/gin-gonic/gin" _ "github.com/lib/pq" ) @@ -75,6 +77,13 @@ func TeslaMateAPICarsV1(c *gin.Context) { // creating required vars var CarsData []Cars + // authentication for the endpoint + validToken, errorMessage := validateAuthToken(c) + if !validToken { + TeslaMateAPIHandleOtherResponse(c, http.StatusUnauthorized, "TeslaMateAPICarsV1", gin.H{"error": errorMessage}) + return + } + // getting data from database query := ` SELECT diff --git a/src/v1_TeslaMateAPICarsBatteryHealth.go b/src/v1_TeslaMateAPICarsBatteryHealth.go index e8cd764..41c742f 100644 --- a/src/v1_TeslaMateAPICarsBatteryHealth.go +++ b/src/v1_TeslaMateAPICarsBatteryHealth.go @@ -1,6 +1,8 @@ package main import ( + "net/http" + "github.com/gin-gonic/gin" _ "github.com/lib/pq" ) @@ -8,6 +10,14 @@ import ( // TeslaMateAPICarsBatteryHealthV1 func func TeslaMateAPICarsBatteryHealthV1(c *gin.Context) { var CarsBatteryHealthError1 = "Unable to load battery health data." + + // authentication for the endpoint + validToken, errorMessage := validateAuthToken(c) + if !validToken { + TeslaMateAPIHandleOtherResponse(c, http.StatusUnauthorized, "TeslaMateAPICarsBatteryHealthV1", gin.H{"error": errorMessage}) + return + } + CarID := convertStringToInteger(c.Param("CarID")) // creating structs for /cars//battery-health diff --git a/src/v1_TeslaMateAPICarsCharges.go b/src/v1_TeslaMateAPICarsCharges.go index d27eec3..f4570fd 100644 --- a/src/v1_TeslaMateAPICarsCharges.go +++ b/src/v1_TeslaMateAPICarsCharges.go @@ -2,6 +2,7 @@ package main import ( "fmt" + "net/http" "github.com/gin-gonic/gin" _ "github.com/lib/pq" @@ -14,6 +15,13 @@ func TeslaMateAPICarsChargesV1(c *gin.Context) { var CarsChargesError1 = "Unable to load charges." var CarsChargesError2 = "Invalid date format." + // authentication for the endpoint + validToken, errorMessage := validateAuthToken(c) + if !validToken { + TeslaMateAPIHandleOtherResponse(c, http.StatusUnauthorized, "TeslaMateAPICarsChargesV1", gin.H{"error": errorMessage}) + return + } + // getting CarID param from URL CarID := convertStringToInteger(c.Param("CarID")) // query options to modify query when collecting data diff --git a/src/v1_TeslaMateAPICarsChargesDetails.go b/src/v1_TeslaMateAPICarsChargesDetails.go index 97843ce..dc7c2be 100644 --- a/src/v1_TeslaMateAPICarsChargesDetails.go +++ b/src/v1_TeslaMateAPICarsChargesDetails.go @@ -2,6 +2,7 @@ package main import ( "database/sql" + "net/http" "github.com/gin-gonic/gin" _ "github.com/lib/pq" @@ -16,6 +17,13 @@ func TeslaMateAPICarsChargesDetailsV1(c *gin.Context) { CarsChargesDetailsError2 = "Unable to load charge details." ) + // authentication for the endpoint + validToken, errorMessage := validateAuthToken(c) + if !validToken { + TeslaMateAPIHandleOtherResponse(c, http.StatusUnauthorized, "TeslaMateAPICarsChargesDetailsV1", gin.H{"error": errorMessage}) + return + } + // getting CarID and ChargeID param from URL CarID := convertStringToInteger(c.Param("CarID")) ChargeID := convertStringToInteger(c.Param("ChargeID")) diff --git a/src/v1_TeslaMateAPICarsDrives.go b/src/v1_TeslaMateAPICarsDrives.go index ef31c04..a495986 100644 --- a/src/v1_TeslaMateAPICarsDrives.go +++ b/src/v1_TeslaMateAPICarsDrives.go @@ -2,6 +2,7 @@ package main import ( "fmt" + "net/http" "github.com/gin-gonic/gin" _ "github.com/lib/pq" @@ -14,6 +15,13 @@ func TeslaMateAPICarsDrivesV1(c *gin.Context) { var CarsDrivesError1 = "Unable to load drives." var CarsDrivesError2 = "Invalid date format." + // authentication for the endpoint + validToken, errorMessage := validateAuthToken(c) + if !validToken { + TeslaMateAPIHandleOtherResponse(c, http.StatusUnauthorized, "TeslaMateAPICarsDrivesV1", gin.H{"error": errorMessage}) + return + } + // getting CarID param from URL CarID := convertStringToInteger(c.Param("CarID")) // query options to modify query when collecting data diff --git a/src/v1_TeslaMateAPICarsDrivesDetails.go b/src/v1_TeslaMateAPICarsDrivesDetails.go index d2d870c..ddd7425 100644 --- a/src/v1_TeslaMateAPICarsDrivesDetails.go +++ b/src/v1_TeslaMateAPICarsDrivesDetails.go @@ -2,6 +2,7 @@ package main import ( "database/sql" + "net/http" "github.com/gin-gonic/gin" _ "github.com/lib/pq" @@ -16,6 +17,13 @@ func TeslaMateAPICarsDrivesDetailsV1(c *gin.Context) { CarsDrivesDetailsError2 = "Unable to load drive details." ) + // authentication for the endpoint + validToken, errorMessage := validateAuthToken(c) + if !validToken { + TeslaMateAPIHandleOtherResponse(c, http.StatusUnauthorized, "TeslaMateAPICarsDrivesDetailsV1", gin.H{"error": errorMessage}) + return + } + // getting CarID and DriveID param from URL CarID := convertStringToInteger(c.Param("CarID")) DriveID := convertStringToInteger(c.Param("DriveID")) diff --git a/src/v1_TeslaMateAPICarsLogging.go b/src/v1_TeslaMateAPICarsLogging.go index 8135f03..03c5e91 100644 --- a/src/v1_TeslaMateAPICarsLogging.go +++ b/src/v1_TeslaMateAPICarsLogging.go @@ -21,6 +21,13 @@ func TeslaMateAPICarsLoggingV1(c *gin.Context) { err error ) + // authentication for the endpoint + validToken, errorMessage := validateAuthToken(c) + if !validToken { + TeslaMateAPIHandleOtherResponse(c, http.StatusUnauthorized, "TeslaMateAPICarsLoggingV1", gin.H{"error": errorMessage}) + return + } + // check if commands are enabled.. if not we need to abort if !getEnvAsBool("ENABLE_COMMANDS", false) { log.Println("[warning] TeslaMateAPICarsLoggingV1 ENABLE_COMMANDS is not true.. returning 403 forbidden.") @@ -34,13 +41,6 @@ func TeslaMateAPICarsLoggingV1(c *gin.Context) { return } - // authentication for the endpoint - validToken, errorMessage := validateAuthToken(c) - if !validToken { - TeslaMateAPIHandleOtherResponse(c, http.StatusUnauthorized, "TeslaMateAPICarsLoggingV1", gin.H{"error": errorMessage}) - return - } - // getting CarID param from URL and validating that it's not zero CarID := convertStringToInteger(c.Param("CarID")) if CarID == 0 { diff --git a/src/v1_TeslaMateAPICarsUpdates.go b/src/v1_TeslaMateAPICarsUpdates.go index c23e1aa..7733d8f 100644 --- a/src/v1_TeslaMateAPICarsUpdates.go +++ b/src/v1_TeslaMateAPICarsUpdates.go @@ -1,6 +1,8 @@ package main import ( + "net/http" + "github.com/gin-gonic/gin" _ "github.com/lib/pq" ) @@ -11,6 +13,13 @@ func TeslaMateAPICarsUpdatesV1(c *gin.Context) { // define error messages var CarsUpdatesError1 = "Unable to load updates." + // authentication for the endpoint + validToken, errorMessage := validateAuthToken(c) + if !validToken { + TeslaMateAPIHandleOtherResponse(c, http.StatusUnauthorized, "TeslaMateAPICarsUpdatesV1", gin.H{"error": errorMessage}) + return + } + // getting CarID param from URL CarID := convertStringToInteger(c.Param("CarID")) // query options to modify query when collecting data diff --git a/src/v1_TeslaMateAPIGlobalsettings.go b/src/v1_TeslaMateAPIGlobalsettings.go index 60c0e3b..8a6fcf4 100644 --- a/src/v1_TeslaMateAPIGlobalsettings.go +++ b/src/v1_TeslaMateAPIGlobalsettings.go @@ -2,6 +2,7 @@ package main import ( "database/sql" + "net/http" "github.com/gin-gonic/gin" _ "github.com/lib/pq" @@ -54,6 +55,13 @@ func TeslaMateAPIGlobalsettingsV1(c *gin.Context) { // creating required vars var globalSetting GlobalSettings + // authentication for the endpoint + validToken, errorMessage := validateAuthToken(c) + if !validToken { + TeslaMateAPIHandleOtherResponse(c, http.StatusUnauthorized, "TeslaMateAPIGlobalsettingsV1", gin.H{"error": errorMessage}) + return + } + // getting data from database query := ` SELECT