🐛 Changes basic auth to bearer auth

backend/src/main/kotlin/plugins/HTTP.kt

@@ -12,6 +12,7 @@ fun Application.configureHTTP() {
         allowMethod(HttpMethod.Put)
         allowMethod(HttpMethod.Patch)
         allowMethod(HttpMethod.Delete)
+        allowHeader(HttpHeaders.Authorization)
         anyHost() // @TODO: Don't do this in production if possible. Try to limit it.
     }
     install(Compression)

backend/src/main/kotlin/plugins/Security.kt

@@ -8,11 +8,13 @@ fun Application.configureSecurity(dotenv: Dotenv) {
     val apiKey = dotenv["API_KEY"] ?: throw Exception("API_KEY not found")
 
     authentication {
-        basic {
+        bearer {
-            realm = "ktor"
+            realm = "/"
-            validate { credentials ->
+            authenticate { credential ->
-                if (credentials.name == "admin" && credentials.password == apiKey) {
+                println("received: '${credential.token}'")
-                    UserIdPrincipal(credentials.name)
+                println("expected: '${apiKey}'")
+                if (credential.token == apiKey) {
+                    UserIdPrincipal("admin")
                 } else {
                     null
                 }

backend/src/main/kotlin/routes/Auth.kt

@@ -4,7 +4,9 @@ import dev.svitan.services.AuthService
 import dev.svitan.services.NewAuthDTO
 import io.ktor.http.HttpStatusCode
 import io.ktor.server.application.Application
+import io.ktor.server.auth.UserIdPrincipal
 import io.ktor.server.auth.authentication
+import io.ktor.server.auth.principal
 import io.ktor.server.plugins.BadRequestException
 import io.ktor.server.plugins.NotFoundException
 import io.ktor.server.request.receive
@@ -16,6 +18,7 @@ fun Application.routeAuth() {
     routing {
         authentication {
             get("/auth") {
+                println("Hello ${call.principal<UserIdPrincipal>()?.name}")
                 call.respond(AuthService.readAll())
             }