const MODULE_NAME = 'CALLBACK.APIKEY-CHECKER'; const config = require('komodo-sdk/config'); const logger = require('tektrans-logger'); const sendInvalidApikeyResponse = (xid, res) => { res.status(403).json({ status: 'NOT-OK', error: 'Invalid APIKEY', ts: new Date(), xid, }); }; module.exports = (req, res, next) => { if (!config.partner || !config.partner.callback || !config.partner.callback.apikey) { next(); return; } const { xid } = res.locals; const apikeyFromRequest = req.params.apikey; if ( typeof config.partner.callback.apikey === 'object' && Array.isArray(config.partner.callback.apikey) && config.partner.callback.apikey.indexOf(apikeyFromRequest) >= 0 ) { next(); return; } if ( typeof config.partner.callback.apikey === 'string' && config.partner.callback.apikey === apikeyFromRequest ) { next(); return; } logger.warn(`${MODULE_NAME} A4D719C2: Invalid apikey`, { xid, remoteIp: req.ip, url: req.url, apikeyFromRequest, }); sendInvalidApikeyResponse(xid, res); };