Switch to HTTP

lib/birdy_chat_web/api/server/internal/controller.ex

@@ -0,0 +1,34 @@
+defmodule BirdyChatWeb.Api.Server.Internal.Controller do
+  use BirdyChatWeb, :controller
+
+  def create(conn, params) do
+    if authorised?(conn.req_headers, params) do
+      case BirdyChat.Message.validate(params) do
+        {:ok, changeset} ->
+          case BirdyChat.MessageWriter.write(changeset.changes) do
+            :ok ->
+              conn
+              |> put_status(:created)
+              |> render(:create, message: changeset.changes)
+          end
+      end
+    else
+      conn
+      |> put_status(:forbidden)
+      |> render(:error, message: "Unauthorised")
+    end
+  end
+
+  defp authorised?(headers, %{"from" => from}) do
+    case Enum.find(headers, fn {key, _value} -> key == "authorization" end) do
+      nil ->
+        false
+
+      {"authorization", token} ->
+        case Phoenix.Token.verify(BirdyChatWeb.Endpoint, "serverAuth", token, max_age: 1200) do
+          {:ok, id} -> id == from
+          {:error, :invalid} -> false
+        end
+    end
+  end
+end