mirror of
https://github.com/rowboatlabs/rowboat.git
synced 2026-05-28 19:05:31 +02:00
28 lines
1,015 B
TypeScript
28 lines
1,015 B
TypeScript
import { NextRequest } from "next/server";
|
|
import { apiKeysCollection, projectsCollection } from "../../lib/mongodb";
|
|
|
|
export async function authCheck(projectId: string, req: NextRequest, handler: () => Promise<Response>): Promise<Response> {
|
|
const authHeader = req.headers.get('Authorization');
|
|
if (!authHeader?.startsWith('Bearer ')) {
|
|
return Response.json({ error: "Authorization header must be a Bearer token" }, { status: 400 });
|
|
}
|
|
const key = authHeader.split(' ')[1];
|
|
if (!key) {
|
|
return Response.json({ error: "Missing API key in request" }, { status: 400 });
|
|
}
|
|
|
|
// check if api key is valid
|
|
// while also updating last used timestamp
|
|
const result = await apiKeysCollection.findOneAndUpdate(
|
|
{
|
|
projectId,
|
|
key,
|
|
},
|
|
{ $set: { lastUsedAt: new Date().toISOString() } }
|
|
);
|
|
if (!result) {
|
|
return Response.json({ error: "Invalid API key" }, { status: 403 });
|
|
}
|
|
|
|
return await handler();
|
|
}
|