27 lines
675 B
TypeScript
27 lines
675 B
TypeScript
import env from "../environment"
|
|
import { constants, utils } from "@budibase/backend-core"
|
|
import { BBContext } from "@budibase/types"
|
|
|
|
/**
|
|
* This is a restricted endpoint in the cloud.
|
|
* Ensure that the correct API key has been supplied.
|
|
*/
|
|
export default async (ctx: BBContext, next: any) => {
|
|
if (!env.SELF_HOSTED && !env.DISABLE_ACCOUNT_PORTAL) {
|
|
const apiKey = ctx.request.headers[constants.Header.API_KEY]
|
|
if (!apiKey) {
|
|
ctx.throw(403, "Unauthorized")
|
|
}
|
|
|
|
if (Array.isArray(apiKey)) {
|
|
ctx.throw(403, "Unauthorized")
|
|
}
|
|
|
|
if (!utils.isValidInternalAPIKey(apiKey)) {
|
|
ctx.throw(403, "Unauthorized")
|
|
}
|
|
}
|
|
|
|
return next()
|
|
}
|