aboutsummaryrefslogtreecommitdiff
path: root/src/api/structures
diff options
context:
space:
mode:
Diffstat (limited to 'src/api/structures')
-rw-r--r--src/api/structures/Route.js14
1 files changed, 14 insertions, 0 deletions
diff --git a/src/api/structures/Route.js b/src/api/structures/Route.js
index a359488..ecb2be0 100644
--- a/src/api/structures/Route.js
+++ b/src/api/structures/Route.js
@@ -13,6 +13,7 @@ const db = require('knex')({
});
const moment = require('moment');
const log = require('../utils/Log');
+const bcrypt = require('bcrypt');
class Route {
constructor(path, method, options) {
@@ -26,6 +27,8 @@ class Route {
authorize(req, res) {
if (this.options.bypassAuth) return this.run(req, res, db);
+ if (req.headers.apiKey) return this.authorizeApiKey(req, res, req.headers.apiKey);
+
if (!req.headers.authorization) return res.status(401).json({ message: 'No authorization header provided' });
const token = req.headers.authorization.split(' ')[1];
if (!token) return res.status(401).json({ message: 'No authorization header provided' });
@@ -48,6 +51,17 @@ class Route {
});
}
+ authorizeApiKey(req, res, apiKey) {
+ if (this.options.noApiKey) return res.status(401).json({ message: 'Api Key not allowed for this resource' });
+
+ /*
+ Need to read more into how api keys work before proceeding any further
+
+ const comparePassword = await bcrypt.compare(password, user.password);
+ if (!comparePassword) return res.status(401).json({ message: 'Invalid authorization.' });
+ */
+ }
+
run(req, res, db) { // eslint-disable-line no-unused-vars
return;
}
generated by cgit v1.2.3 (git 2.25.1) at 2026-03-27 07:06:57 +0000