From ca5bca10ae1a420acb04cccfb6907fe3ba8c1abc Mon Sep 17 00:00:00 2001
From: kompotkot <zenitsws@gmail.com>
Date: Tue, 8 Mar 2022 14:25:08 +0000
Subject: [PATCH] Application id check in auth middleware

---
 nodes/node_balancer/cmd/data.go       | 1 +
 nodes/node_balancer/cmd/middleware.go | 4 ++++
 2 files changed, 5 insertions(+)

diff --git a/nodes/node_balancer/cmd/data.go b/nodes/node_balancer/cmd/data.go
index b46c30d1..a7df1904 100644
--- a/nodes/node_balancer/cmd/data.go
+++ b/nodes/node_balancer/cmd/data.go
@@ -19,6 +19,7 @@ type NodeStatusResponse struct {
 
 type BugoutUserResponse struct {
 	ID string `json:"user_id"`
+	ApplicationID string `json:"application_id"`
 }
 
 // Node - which one node client worked with
diff --git a/nodes/node_balancer/cmd/middleware.go b/nodes/node_balancer/cmd/middleware.go
index b952936d..5e013e30 100644
--- a/nodes/node_balancer/cmd/middleware.go
+++ b/nodes/node_balancer/cmd/middleware.go
@@ -104,6 +104,10 @@ func authMiddleware(next http.Handler) http.Handler {
 			http.Error(w, "Wrong authorization header", http.StatusForbidden)
 			return
 		}
+		if userResponse.ApplicationID != configs.BUGOUT_NODE_BALANCER_APPLICATION_ID {
+			http.Error(w, "Wrong authorization header", http.StatusForbidden)
+			return
+		}
 
 		next.ServeHTTP(w, r)
 	})