chore(changelog): update unreleased changelog

- Switch language tool server image and add restart policy
- Update user, network, and API key configurations
- Adjust port for language tool server
- Add note about SSL encryption requirement
- Update license section with link to LICENSE file
- Add a horizontal rule for improved visual separation
- Include project link at the end for easier navigation

CHANGELOG.md

@@ -2,6 +2,27 @@
 
 All notable changes to this project will be documented in this file.
 
+## [unreleased]
+
+### 📚 Documentation
+
+- *(readme)* Update service configuration and license link - ([427cee1](https://git.0xmax42.io/maxp/lt-auth-proxy/commit/427cee188404b00ec30c8f52f4a66c4609511a8f))
+- *(readme)* Update service configuration and license link - ([92b075d](https://git.0xmax42.io/maxp/lt-auth-proxy/commit/92b075df558d2d52da9496f74f84c149d3b18df5))
+- *(readme)* Add project time badge - ([5597c2a](https://git.0xmax42.io/maxp/lt-auth-proxy/commit/5597c2ae3fa3920340499e0b5924b75352591729))
+
+## [0.4.0](https://git.0xmax42.io/maxp/lt-auth-proxy/compare/v0.3.0..v0.4.0) - 2025-05-11
+
+### 🚀 Features
+
+- *(server)* Add graceful shutdown handling - ([d57cc27](https://git.0xmax42.io/maxp/lt-auth-proxy/commit/d57cc27e19e68c13ac08af223c3721a9c45fafd1))
+
+## [0.3.0](https://git.0xmax42.io/maxp/lt-auth-proxy/compare/v0.2.1..v0.3.0) - 2025-05-11
+
+### 🚀 Features
+
+- *(logging)* Add debug logs for key validation and request handling - ([3299419](https://git.0xmax42.io/maxp/lt-auth-proxy/commit/32994197261e9ab5a46df5f90f2faed89cd68558))
+- *(utils)* Add utility to mask API keys - ([79dfbcf](https://git.0xmax42.io/maxp/lt-auth-proxy/commit/79dfbcf053d613fe3fff63bfd24537a1665c9389))
+
 ## [0.2.1](https://git.0xmax42.io/maxp/lt-auth-proxy/compare/v0.1.1..v0.2.1) - 2025-05-11
 
 ### 🚀 Features

README.md

@@ -1,5 +1,7 @@
 # lt-auth-proxy
 
+![Project Time](https://waka.0xmax42.io/api/badge/0XMax42/interval:today/project:lt-auth-proxy?label=Project%20Time)
+
 A lightweight, production-ready reverse proxy for [LanguageTool](https://languagetool.org) with API key authentication.
 
 This service acts as a transparent gateway that verifies an `apiKey` before forwarding requests to a running LanguageTool server instance. It is fully self-contained, built in Deno, and distributed as a minimal multi-architecture Docker image.
@@ -60,23 +62,30 @@ src/
 ```yaml
 services:
   lt-server:
-    image: languagetool/languagetool:latest
-    ports:
-      - "8010:8010"
+    image: meyay/languagetool:latest
+    restart: unless-stopped
+    user: "783:783"
+    networks:
+      - default
 
   proxy:
     image: git.0xmax42.io/maxp/lt-auth-proxy:latest
     ports:
       - "8011:8011"
     environment:
-      - API_KEYS=demo-key
+      - API_KEYS=demo-key,another-key
       - LT_SERVER_HOST=lt-server
-      - LT_SERVER_PORT=8010
+      - LT_SERVER_PORT=8081
 ```
 
+Please note that this setup does not include SSL encryption. A reverse proxy such as Traefik should be used for this.
+
 ---
 
 ## 📖 License
 
-MIT © 0xMax42
+[MIT © 0xMax42](./LICENSE)
+
+---
+
 [https://git.0xmax42.io/maxp/lt-auth-proxy](https://git.0xmax42.io/maxp/lt-auth-proxy)

VERSION

@@ -1 +1 @@
-0.2.1
+0.4.0

src/ltProxyAuth.ts

@@ -1,5 +1,6 @@
 import { Middleware } from 'http-kernel/Types/mod.ts';
 import { Env } from './env.ts';
+import { maskApiKey } from './utils.ts';
 
 /**
  * Middleware that checks for a valid API key via form param.
@@ -17,12 +18,15 @@ export const authMiddleware: Middleware = async (ctx, next) => {
         const key = params.get('apiKey');
 
         if (!key || !Env.apiKeys.includes(key)) {
+            console.debug('Invalid API key:', maskApiKey(key));
             return new Response('Forbidden – Invalid API key', { status: 403 });
         }
     } else {
+        console.debug('Unsupported content type:', contentType);
         return new Response('Unsupported content type', { status: 415 });
     }
 
+    console.debug('Valid API key:', maskApiKey(ctx.req.headers.get('apiKey')));
     return await next();
 };
 

src/ltProxyHandler.ts

@@ -37,12 +37,16 @@ export const handler: Handler = async (ctx) => {
     const headers = new Headers(ctx.req.headers);
     headers.delete('content-length');
 
+    console.debug('Forwarding request to:', proxyUrl.toString());
+
     const forwarded = await fetch(proxyUrl.toString(), {
         method: ctx.req.method,
         headers,
         body,
     });
 
+    console.debug('Received response from LT server:', forwarded.status);
+
     const respHeaders = new Headers(forwarded.headers);
     return new Response(forwarded.body, {
         status: forwarded.status,

src/main.ts

@@ -3,6 +3,7 @@ import { Env } from './env.ts';
 import { ltProxyAuth } from './ltProxyAuth.ts';
 import { ltProxyHandler } from './ltProxyHandler.ts';
 
+const ac = new AbortController();
 const httpKernel = new HttpKernel();
 
 httpKernel.route({
@@ -11,9 +12,19 @@ httpKernel.route({
 }).middleware(ltProxyAuth).handle(ltProxyHandler);
 
 Deno.serve({
+    signal: ac.signal,
     port: Env.proxyPort,
     hostname: Env.proxyHost,
     onListen: ({ hostname, port }) => {
         console.info(`lt-auth-proxy listening on ${hostname}:${port}`);
     },
 }, async (req) => await httpKernel.handle(req));
+
+const shutdown = () => {
+    console.info('Shutting down the server...');
+    ac.abort();
+    console.info('Server shut down successfully.');
+};
+
+Deno.addSignalListener('SIGINT', shutdown);
+Deno.addSignalListener('SIGTERM', shutdown);

src/utils.ts

@@ -0,0 +1,6 @@
+export const maskApiKey = (key: string | null): string => {
+    if (!key) return '*****';
+    return key.length <= 5
+        ? '*'.repeat(key.length)
+        : key.slice(0, 5) + '*'.repeat(key.length - 5);
+};