Making it obvious that API key is invalid - error otherwise is quite cryptic.
This commit is contained in:
parent
17db2d407a
commit
29fc91d6d1
|
@ -48,22 +48,31 @@ async function checkApiKey(apiKey: string, populateUser?: Function) {
|
||||||
const decrypted = decrypt(apiKey)
|
const decrypted = decrypt(apiKey)
|
||||||
const tenantId = decrypted.split(SEPARATOR)[0]
|
const tenantId = decrypted.split(SEPARATOR)[0]
|
||||||
return doInTenant(tenantId, async () => {
|
return doInTenant(tenantId, async () => {
|
||||||
const db = getGlobalDB()
|
let userId
|
||||||
// api key is encrypted in the database
|
try {
|
||||||
const userId = (await queryGlobalView(
|
const db = getGlobalDB()
|
||||||
ViewName.BY_API_KEY,
|
// api key is encrypted in the database
|
||||||
{
|
userId = (await queryGlobalView(
|
||||||
key: apiKey,
|
ViewName.BY_API_KEY,
|
||||||
},
|
{
|
||||||
db
|
key: apiKey,
|
||||||
)) as string
|
},
|
||||||
|
db
|
||||||
|
)) as string
|
||||||
|
} catch (err) {
|
||||||
|
userId = undefined
|
||||||
|
}
|
||||||
if (userId) {
|
if (userId) {
|
||||||
return {
|
return {
|
||||||
valid: true,
|
valid: true,
|
||||||
user: await getUser(userId, tenantId, populateUser),
|
user: await getUser(userId, tenantId, populateUser),
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
throw "Invalid API key"
|
throw {
|
||||||
|
message:
|
||||||
|
"Invalid API key - may need re-generated, or user doesn't exist",
|
||||||
|
name: "InvalidApiKey",
|
||||||
|
}
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
@ -164,8 +173,10 @@ export default function (
|
||||||
console.error(`Auth Error: ${err.message}`)
|
console.error(`Auth Error: ${err.message}`)
|
||||||
console.error(err)
|
console.error(err)
|
||||||
// invalid token, clear the cookie
|
// invalid token, clear the cookie
|
||||||
if (err && err.name === "JsonWebTokenError") {
|
if (err?.name === "JsonWebTokenError") {
|
||||||
clearCookie(ctx, Cookie.Auth)
|
clearCookie(ctx, Cookie.Auth)
|
||||||
|
} else if (err?.name === "InvalidApiKey") {
|
||||||
|
ctx.throw(403, err.message)
|
||||||
}
|
}
|
||||||
// allow configuring for public access
|
// allow configuring for public access
|
||||||
if ((opts && opts.publicAllowed) || publicEndpoint) {
|
if ((opts && opts.publicAllowed) || publicEndpoint) {
|
||||||
|
|
Loading…
Reference in New Issue