1ef8f5743c
Some checks failed
Deploy to Production / Deploy to Server (push) Failing after 20s
- Include compiled TypeScript with new /impressum, /privacy, /terms routes - Temporary commit of dist files for Docker deployment
23 lines
714 B
JavaScript
23 lines
714 B
JavaScript
import { isValidKey, getKeyInfo } from "../services/keys.js";
|
|
export function authMiddleware(req, res, next) {
|
|
const header = req.headers.authorization;
|
|
const xApiKey = req.headers["x-api-key"];
|
|
let key;
|
|
if (header?.startsWith("Bearer ")) {
|
|
key = header.slice(7);
|
|
}
|
|
else if (xApiKey) {
|
|
key = xApiKey;
|
|
}
|
|
if (!key) {
|
|
res.status(401).json({ error: "Missing API key. Use: Authorization: Bearer <key> or X-API-Key: <key>" });
|
|
return;
|
|
}
|
|
if (!isValidKey(key)) {
|
|
res.status(403).json({ error: "Invalid API key" });
|
|
return;
|
|
}
|
|
// Attach key info to request for downstream use
|
|
req.apiKeyInfo = getKeyInfo(key);
|
|
next();
|
|
}
|