Add authorized checking

app/app.py

@@ -2,22 +2,37 @@
 import os
 import kopf
 import prometheus_async
+from functools import wraps
 from sanic import Sanic, response
 from sanic import exceptions
 
 app = Sanic("users-proxy")
 devenv = bool(os.getenv("DEV_ENV", False))
+api_key = os.environ["API_KEY"]
 users_lookup = {}
 
+def authorized():
+    def decorator(f):
+        @wraps(f)
+        async def decorated_function(request, *args, **kwargs):
+            if request.token and request.token == api_key:
+                return await f(request, *args, **kwargs)
+            else:
+                return response.json({"status": "not_authorized"}, 403)
+        return decorated_function
+    return decorator
+
 @app.route("/", methods=["GET"])
 async def get_index(request):
     return response.text("hello")
 
 @app.route("/users", methods=["GET"])
+@authorized()
 async def get_users(request):
     return response.json(list(users_lookup.values()))
 
 @app.route("/users/<username:str>", methods=["GET"])
+@authorized()
 async def get_single_user(request, username: str):
     user = users_lookup.get(username)
     if user:

deployment.yaml

@@ -21,6 +21,8 @@ spec:
         - name: users-proxy
           image: users-proxy
           env:
+            - name: API_KEY
+              value: 'changeme'
             - name: DEV_ENV
               value: 'true'
           ports: