budibase/packages/worker/src/middleware/cloudRestricted.ts

27 lines
675 B
TypeScript
Raw Normal View History

import env from "../environment"
import { constants, utils } from "@budibase/backend-core"
import { BBContext } from "@budibase/types"
/**
* This is a restricted endpoint in the cloud.
* Ensure that the correct API key has been supplied.
*/
export default async (ctx: BBContext, next: any) => {
if (!env.SELF_HOSTED && !env.DISABLE_ACCOUNT_PORTAL) {
const apiKey = ctx.request.headers[constants.Header.API_KEY]
if (!apiKey) {
ctx.throw(403, "Unauthorized")
}
if (Array.isArray(apiKey)) {
ctx.throw(403, "Unauthorized")
}
if (!utils.isValidInternalAPIKey(apiKey)) {
ctx.throw(403, "Unauthorized")
}
}
return next()
}