Komodo / komodo-gw-komodo-httpgex

Blame view

lib/callback/apikey-checker.js 1.34 KB
edit raw normal view history
d4661aa84   Adhidarma Hadiwinoto   Ready to test pre... 
1
2
3
 
  const MODULE_NAME = 'CALLBACK.APIKEY-CHECKER';
  
  const config = require('komodo-sdk/config');
3d8701130   Adhidarma Hadiwinoto   Migrate to tektra... 
4
 
  const logger = require('tektrans-logger');
d4661aa84   Adhidarma Hadiwinoto   Ready to test pre... 
5
6
7
8
9
10
11
12
13
 
  
  const sendInvalidApikeyResponse = (xid, res) => {
      res.status(403).json({
          status: 'NOT-OK',
          error: 'Invalid APIKEY',
          ts: new Date(),
          xid,
      });
  };
3b5cc7711   Adhidarma Hadiwinoto   Warn on no callba... 
14
15
16
 
  if (!config.partner.callback.apikey) {
      logger.warn(`${MODULE_NAME} 56420201: Missing config.partner.callback.apikey. Please consider to set it for security reason`);
  }
d4661aa84   Adhidarma Hadiwinoto   Ready to test pre... 
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
 
  module.exports = (req, res, next) => {
      if (!config.partner || !config.partner.callback || !config.partner.callback.apikey) {
          next();
          return;
      }
  
      const { xid } = res.locals;
      const apikeyFromRequest = req.params.apikey;
  
      if (
          typeof config.partner.callback.apikey === 'object'
          && Array.isArray(config.partner.callback.apikey)
          && config.partner.callback.apikey.indexOf(apikeyFromRequest) >= 0
      ) {
          next();
          return;
      }
  
      if (
          typeof config.partner.callback.apikey === 'string'
          && config.partner.callback.apikey === apikeyFromRequest
      ) {
          next();
          return;
      }
  
      logger.warn(`${MODULE_NAME} A4D719C2: Invalid apikey`, {
          xid,
          remoteIp: req.ip,
          url: req.url,
          apikeyFromRequest,
      });
  
      sendInvalidApikeyResponse(xid, res);
  };