Making it obvious that API key is invalid - error otherwise is quite cryptic.
This commit is contained in:
parent
17db2d407a
commit
29fc91d6d1
|
@ -48,22 +48,31 @@ async function checkApiKey(apiKey: string, populateUser?: Function) {
|
|||
const decrypted = decrypt(apiKey)
|
||||
const tenantId = decrypted.split(SEPARATOR)[0]
|
||||
return doInTenant(tenantId, async () => {
|
||||
let userId
|
||||
try {
|
||||
const db = getGlobalDB()
|
||||
// api key is encrypted in the database
|
||||
const userId = (await queryGlobalView(
|
||||
userId = (await queryGlobalView(
|
||||
ViewName.BY_API_KEY,
|
||||
{
|
||||
key: apiKey,
|
||||
},
|
||||
db
|
||||
)) as string
|
||||
} catch (err) {
|
||||
userId = undefined
|
||||
}
|
||||
if (userId) {
|
||||
return {
|
||||
valid: true,
|
||||
user: await getUser(userId, tenantId, populateUser),
|
||||
}
|
||||
} else {
|
||||
throw "Invalid API key"
|
||||
throw {
|
||||
message:
|
||||
"Invalid API key - may need re-generated, or user doesn't exist",
|
||||
name: "InvalidApiKey",
|
||||
}
|
||||
}
|
||||
})
|
||||
}
|
||||
|
@ -164,8 +173,10 @@ export default function (
|
|||
console.error(`Auth Error: ${err.message}`)
|
||||
console.error(err)
|
||||
// invalid token, clear the cookie
|
||||
if (err && err.name === "JsonWebTokenError") {
|
||||
if (err?.name === "JsonWebTokenError") {
|
||||
clearCookie(ctx, Cookie.Auth)
|
||||
} else if (err?.name === "InvalidApiKey") {
|
||||
ctx.throw(403, err.message)
|
||||
}
|
||||
// allow configuring for public access
|
||||
if ((opts && opts.publicAllowed) || publicEndpoint) {
|
||||
|
|
Loading…
Reference in New Issue