org.springframework.web.filter.GenericFilterBean

org.springframework.web.filter.OncePerRequestFilter

dev.dokimos.server.filter.ApiKeyAuthFilter

All Implemented Interfaces:: jakarta.servlet.Filter, org.springframework.beans.factory.Aware, org.springframework.beans.factory.BeanNameAware, org.springframework.beans.factory.DisposableBean, org.springframework.beans.factory.InitializingBean, org.springframework.context.EnvironmentAware, org.springframework.core.env.EnvironmentCapable, org.springframework.web.context.ServletContextAware

@Component public class ApiKeyAuthFilter extends org.springframework.web.filter.OncePerRequestFilter

Filter that enforces API key authentication for write operations on /api/v1/** endpoints.

GET requests are always allowed. POST, PUT, PATCH, DELETE requests require a valid API key in the Authorization header.

Expected header format: Authorization: Bearer <api-key>

If authentication is disabled (no API key configured), all requests are allowed.

Field Summary

Fields inherited from class org.springframework.web.filter.OncePerRequestFilter
ALREADY_FILTERED_SUFFIX
Constructor Summary

Constructors

Constructor

Description

ApiKeyAuthFilter(ApiKeyProperties apiKeyProperties, com.fasterxml.jackson.databind.ObjectMapper objectMapper)
Method Summary

Methods inherited from class org.springframework.web.filter.OncePerRequestFilter
doFilter

Methods inherited from class org.springframework.web.filter.GenericFilterBean
afterPropertiesSet, destroy, getEnvironment, getFilterConfig, init, setBeanName, setEnvironment, setServletContext

Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details
- ApiKeyAuthFilter
  
  public ApiKeyAuthFilter(ApiKeyProperties apiKeyProperties, com.fasterxml.jackson.databind.ObjectMapper objectMapper)

Class ApiKeyAuthFilter

Field Summary