public-offering
/
cal.pub0.org
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

rename apiKey

pull/9078/head
Agusti Fernandez Pardo 2022-04-23 02:26:35 +02:00
parent 2009e6f0fb
commit 4e8fae7391
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
lib/helpers/verifyApiKey.ts
View File

@ -11,7 +11,7 @@ declare module "next" {
}
}
// Used to check if the API key is not expired, could be extracted if reused. but not for now.
// Used to check if the apiKey is not expired, could be extracted if reused. but not for now.
export const dateNotInPast = function (date: Date) {
const now = new Date();
if (now.setHours(0, 0, 0, 0) <= date.setHours(0, 0, 0, 0)) {
@ -19,9 +19,9 @@ export const dateNotInPast = function (date: Date) {
}
};
// This verifies the API key and sets the user if it is valid.
// This verifies the apiKey and sets the user if it is valid.
export const verifyApiKey: NextMiddleware = async (req, res, next) => {
if (!req.query.apiKey) return res.status(401).json({ message: "No api key provided" });
if (!req.query.apiKey) return res.status(401).json({ message: "No apiKey provided" });
// We remove the prefix from the user provided api_key. If no env set default to "cal_"
const strippedApiKey = `${req.query.apiKey}`.replace(process.env.API_KEY_PREFIX || "cal_", "");
// Hash the key again before matching against the database records.
@ -29,11 +29,11 @@ export const verifyApiKey: NextMiddleware = async (req, res, next) => {
// Check if the hashed api key exists in database.
const apiKey = await prisma.apiKey.findUnique({ where: { hashedKey } });
// If we cannot find any api key. Throw a 401 Unauthorized.
if (!apiKey) return res.status(401).json({ error: "Your api key is not valid" });
if (!apiKey) return res.status(401).json({ error: "Your apiKey is not valid" });
if (apiKey.expiresAt && dateNotInPast(apiKey.expiresAt)) {
return res.status(401).json({ error: "This api key is expired" });
return res.status(401).json({ error: "This apiKey is expired" });
}
if (!apiKey.userId) return res.status(404).json({ error: "No user found for this api key" });
if (!apiKey.userId) return res.status(404).json({ error: "No user found for this apiKey" });
/* We save the user id in the request for later use */
req.userId = apiKey.userId;
await next();