sk/Perplexica
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Finalizes option to secure backend http endpoints with a token

Browse source 
- Also fixes to build commands in makefile
This commit is contained in:
Hristo 2024-05-10 18:11:23 -04:00
parent e6c2042df6
commit 4e20c4ac56
7 changed files with 24 additions and 17 deletions
Download patch file Download diff file Expand all files Collapse all files

10
src/app.ts
View file

@ -14,9 +14,15 @@ const server = http.createServer(app);
const corsOptions = {
origin: '*',
allowedHeaders: ['Authorization', 'Content-Type'],
};
app.use(cors(corsOptions));
if (getAccessKey()) {
app.all('*', requireAccessKey);
};
app.use(express.json());
app.use('/api', routes);
@ -24,10 +30,6 @@ app.get('/api', (_, res) => {
res.status(200).json({ status: 'ok' });
});
if (getAccessKey()) {
app.all('*', requireAccessKey);
};
server.listen(port, () => {
logger.info(`Server is running on port ${port}`);
});

5
src/auth.ts
View file

@ -1,8 +1,8 @@
import {
getAccessKey,
} from '../config';
} from './config';
const requireAccessKey = (req, res, next) => {
export const requireAccessKey = (req, res, next) => {
const authHeader = req.headers.authorization;
if (authHeader) {
@ -11,6 +11,7 @@ const requireAccessKey = (req, res, next) => {
if (token !== getAccessKey()) {
return res.sendStatus(403);
}
next();
} else {
res.sendStatus(401);