support for external webhooks

packages/builder/src/components/settings/tabs/APIKeys.svelte

@@ -1,6 +1,7 @@
 <script>
-  import { Input } from "@budibase/bbui"
+  import { Input, Label } from "@budibase/bbui"
   import api from "builderStore/api"
+  import { backendUiStore } from "builderStore"
   import analytics from "analytics"
 
   let keys = { budibase: "" }
@@ -38,6 +39,10 @@
     edit
     value={keys.budibase}
     label="Budibase API Key" />
+  <div>
+    <Label extraSmall grey>Instance ID (Webhooks)</Label>
+    <span>{$backendUiStore.selectedDatabase._id}</span>
+  </div>
 </div>
 
 <style>
@@ -45,4 +50,9 @@
     display: grid;
     grid-gap: var(--spacing-xl);
   }
+
+  span {
+    font-size: var(--font-size-xs);
+    font-weight: 500;
+  }
 </style>

packages/server/src/middleware/authorized.js

@@ -5,8 +5,33 @@ const {
   BUILDER_LEVEL_ID,
   BUILDER,
 } = require("../utilities/accessLevels")
+const environment = require("../environment")
+const { apiKeyTable } = require("../db/dynamoClient")
 
 module.exports = (permName, getItemId) => async (ctx, next) => {
+  if (
+    environment.CLOUD &&
+    ctx.headers["x-api-key"] &&
+    ctx.headers["x-instanceid"]
+  ) {
+    // api key header passed by external webhook
+    const apiKeyInfo = await apiKeyTable.get({
+      primary: ctx.headers["x-api-key"],
+    })
+
+    if (apiKeyInfo) {
+      ctx.isAuthenticated = true
+      ctx.externalWebhook = true
+      ctx.apiKey = ctx.headers["x-api-key"]
+      ctx.user = {
+        instanceId: ctx.headers["x-instanceid"],
+      }
+      return next()
+    }
+
+    ctx.throw(403, "API key invalid")
+  }
+
   if (!ctx.isAuthenticated) {
     ctx.throw(403, "Session not authenticated")
   }