
lib/callback/apikey-checker.js 2.25 KB
  // Tag placed at the start of every log message this module emits.
  const MODULE_NAME = 'CALLBACK.APIKEY-CHECKER';
  
  const crypto = require('crypto');

  const config = require('komodo-sdk/config');
  const logger = require('tektrans-logger');

  // Opt-in switch for verbose tracing of the apikey check. It is taken from the
  // DEBUG_CALLBACK_APIKEY environment variable, falling back to
  // config.partner.callback.debug_apikey. While it is truthy the middleware
  // writes the key presented by each caller into the verbose log, so the log
  // sink must be treated as holding credentials.
  const callbackConfig = config.partner && config.partner.callback;
  const DEBUG_CALLBACK_APIKEY = process.env.DEBUG_CALLBACK_APIKEY
      || (callbackConfig && callbackConfig.debug_apikey);

  /**
   * Answer the request with HTTP 403 and the "Invalid APIKEY" JSON body.
   *
   * The body carries only a fixed status/error pair, the current timestamp and
   * the request's xid; nothing about the expected key is echoed to the caller.
   *
   * @param {*} xid - Request identifier copied into the response body.
   * @param {object} res - Response object exposing chainable status() and json().
   * @returns {void}
   */
  const sendInvalidApikeyResponse = (xid, res) => {
      const forbidden = res.status(403);

      forbidden.json({
          status: 'NOT-OK',
          error: 'Invalid APIKEY',
          ts: new Date(),
          xid,
      });
  };
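  // Load-time sanity check: without config.partner.callback.apikey the middleware
  // below lets every callback request through unauthenticated, so make that
  // visible in the log. The parent objects are tested first (as the middleware
  // itself does) so that a config lacking the partner/callback section yields
  // this warning instead of a TypeError while the module is being required.
  if (!config.partner || !config.partner.callback || !config.partner.callback.apikey) {
      logger.warn(`${MODULE_NAME} 56420201: Missing config.partner.callback.apikey. Please consider to set it for security reason`);
  }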
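  /**
   * Compare a configured API key with the one presented by the caller in
   * constant time.
   *
   * Plain `===` / `indexOf` stop at the first differing character, which makes
   * the comparison time depend on how much of the key was right. Both values
   * are hashed first so that timingSafeEqual always receives buffers of equal
   * length, whatever the caller sent.
   *
   * @param {*} expected - Key taken from configuration.
   * @param {*} presented - Key taken from the request.
   * @returns {boolean} true only when both are strings with identical content.
   */
  const isSameApikey = (expected, presented) => {
      if (typeof expected !== 'string' || typeof presented !== 'string') {
          return false;
      }

      const expectedDigest = crypto.createHash('sha256').update(expected).digest();
      const presentedDigest = crypto.createHash('sha256').update(presented).digest();

      return crypto.timingSafeEqual(expectedDigest, presentedDigest);
  };

  /**
   * Express middleware guarding the callback route with an API key.
   *
   * The key is read from the `apikey` route parameter and checked against
   * config.partner.callback.apikey, which may be a single string or an array of
   * accepted strings. A match calls next(); anything else is logged and answered
   * with HTTP 403 via sendInvalidApikeyResponse.
   *
   * @param {object} req - Request; reads params.apikey, ip and url.
   * @param {object} res - Response; reads locals.xid.
   * @param {Function} next - Invoked when the request is allowed through.
   * @returns {void}
   */
  module.exports = (req, res, next) => {
      const { xid } = res.locals;
      const apikeyFromRequest = req.params.apikey;

      // Fail-open by design: with no key configured the check is skipped and the
      // request is accepted. Deployments that need the callback authenticated
      // must set config.partner.callback.apikey.
      if (!config.partner || !config.partner.callback || !config.partner.callback.apikey) {
          if (DEBUG_CALLBACK_APIKEY) {
              logger.verbose(`${MODULE_NAME} 8BE57EB4: Skip APIKEY checker on no config`, {
                  xid,
              });
          }

          next();
          return;
      }

      const configuredApikey = config.partner.callback.apikey;

      // NOTE(review): every debug entry below records the presented key in clear
      // text, and on a match that value is a valid credential. Keep
      // DEBUG_CALLBACK_APIKEY off outside short troubleshooting sessions.
      if (DEBUG_CALLBACK_APIKEY) {
          logger.verbose(`${MODULE_NAME} 1A634029: Checking for apikey validity`, {
              xid,
              apikeyFromRequest,
          });
      }

      if (Array.isArray(configuredApikey)) {
          // Walk the whole list even after a hit so the time taken does not
          // reveal which entry matched.
          let matchedInArray = false;
          for (const candidate of configuredApikey) {
              if (isSameApikey(candidate, apikeyFromRequest)) {
                  matchedInArray = true;
              }
          }

          if (matchedInArray) {
              if (DEBUG_CALLBACK_APIKEY) {
                  logger.verbose(`${MODULE_NAME} 4BC7B45D: Apikey match with one of array element`, {
                      xid,
                      apikeyFromRequest,
                  });
              }

              next();
              return;
          }
      }

      if (isSameApikey(configuredApikey, apikeyFromRequest)) {
          if (DEBUG_CALLBACK_APIKEY) {
              logger.verbose(`${MODULE_NAME} FC80DC85: Apikey match with string config`, {
                  xid,
                  apikeyFromRequest,
              });
          }

          next();
          return;
      }

      // NOTE(review): the rejected key is logged as-is, and req.url is logged
      // next to it. A mistyped but nearly correct key therefore ends up in the
      // warn log; restrict access to that log accordingly.
      logger.warn(`${MODULE_NAME} A4D719C2: Invalid apikey`, {
          xid,
          remoteIp: req.ip,
          url: req.url,
          apikeyFromRequest,
      });

      sendInvalidApikeyResponse(xid, res);
  };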