diff options
| author | Pitu <[email protected]> | 2019-03-29 00:36:50 +0900 |
|---|---|---|
| committer | Pitu <[email protected]> | 2019-03-29 00:36:50 +0900 |
| commit | b12cc4c28953ddef972193fd3986d6898bc4dba5 (patch) | |
| tree | cfe0695c4c8e2b0dba9ebe177180777e1f17b8d9 /src/api/structures/Route.js | |
| parent | Fix (diff) | |
| download | host.fuwn.me-b12cc4c28953ddef972193fd3986d6898bc4dba5.tar.xz host.fuwn.me-b12cc4c28953ddef972193fd3986d6898bc4dba5.zip | |
WIP apiKey validation
Diffstat (limited to 'src/api/structures/Route.js')
| -rw-r--r-- | src/api/structures/Route.js | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/src/api/structures/Route.js b/src/api/structures/Route.js index a359488..ecb2be0 100644 --- a/src/api/structures/Route.js +++ b/src/api/structures/Route.js @@ -13,6 +13,7 @@ const db = require('knex')({ }); const moment = require('moment'); const log = require('../utils/Log'); +const bcrypt = require('bcrypt'); class Route { constructor(path, method, options) { @@ -26,6 +27,8 @@ class Route { authorize(req, res) { if (this.options.bypassAuth) return this.run(req, res, db); + if (req.headers.apiKey) return this.authorizeApiKey(req, res, req.headers.apiKey); + if (!req.headers.authorization) return res.status(401).json({ message: 'No authorization header provided' }); const token = req.headers.authorization.split(' ')[1]; if (!token) return res.status(401).json({ message: 'No authorization header provided' }); @@ -48,6 +51,17 @@ class Route { }); } + authorizeApiKey(req, res, apiKey) { + if (this.options.noApiKey) return res.status(401).json({ message: 'Api Key not allowed for this resource' }); + + /* + Need to read more into how api keys work before proceeding any further + + const comparePassword = await bcrypt.compare(password, user.password); + if (!comparePassword) return res.status(401).json({ message: 'Invalid authorization.' }); + */ + } + run(req, res, db) { // eslint-disable-line no-unused-vars return; } |