athos. refactor GET /machine/info API

The request contains only the Secret.
This API is used to register the machines.

athos/main.go

@@ -70,7 +70,7 @@ func main() {
 		}
 		info := machine.Group("/info")
 		{
-			info.GET("/:uuid", methods.GetSystemByUuid)
+			info.GET("/", methods.GetSystemBySecret)
 		}
 	}
 

athos/methods/system.go

@@ -160,25 +160,17 @@ func GetSystems(c *gin.Context) {
 	c.JSON(http.StatusOK, systems)
 }
 
-func GetSystemByUuid(c *gin.Context) {
+func GetSystemBySecret(c *gin.Context) {
         var system models.System
-	uuid := c.Param("uuid")
-        db := database.Database()
-        db.Where("uuid = ?", uuid).First(&system)
-
-	sentSecret := middleware.GetSecret(c)
+        sentSecret := middleware.GetSecret(c)
 
-	// authentication secret must match requested system
-	if sentSecret != system.Secret {
-                c.JSON(http.StatusUnauthorized, gin.H{"message": "invalid authorization for requested system!"})
-		db.Close()
-                return
-	}
+        db := database.Database()
+        db.Where("secret = ?", sentSecret).First(&system)
 
         db.Preload("Subscription.SubscriptionPlan").Where("id = ? ", system.ID).First(&system)
         db.Close()
 
-	system.Secret = ""
+        system.Secret = ""
         c.JSON(http.StatusOK, system)
 }
 

athos/middleware/middleware.go

@@ -46,11 +46,19 @@ func GetSecret(c *gin.Context) string {
 		Authorization: token <TOKEN>
 	*/
 	authHeader := strings.Split(c.GetHeader("Authorization"), " ")
-	return authHeader[1]
+	if (len(authHeader) > 1) {
+		return authHeader[1]
+	} else {
+		return ""
+	}
 }
 
 func AuthSecret(c *gin.Context) {
 	secret := GetSecret(c)
+	if (secret == "") {
+                respondWithError(http.StatusUnauthorized, "invalid Secret", c)
+                return
+	}
         if utils.GetSystemFromSecret(secret).ID != 0 {
                 c.Next()
         } else {