Initial commit — Performance West telecom compliance platform
Includes: API (Express/TypeScript), Astro site, Python workers, document generators, FCC compliance tools, Canada CRTC formation, Ansible infrastructure, and deployment scripts. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
commit
f8cd37ac8c
1823 changed files with 145167 additions and 0 deletions
27
api/src/middleware/internal-auth.ts
Normal file
27
api/src/middleware/internal-auth.ts
Normal file
|
|
@ -0,0 +1,27 @@
|
|||
// internal-auth.ts — Shared-secret authentication for internal API endpoints
|
||||
// Used by Verilex Data to access bulk entity export and name search endpoints.
|
||||
|
||||
import type { Request, Response, NextFunction } from "express";
|
||||
|
||||
const INTERNAL_API_KEY = process.env.PW_INTERNAL_API_KEY || "";
|
||||
|
||||
export function internalAuth(req: Request, res: Response, next: NextFunction): void {
|
||||
if (!INTERNAL_API_KEY) {
|
||||
res.status(503).json({ error: "Internal API not configured" });
|
||||
return;
|
||||
}
|
||||
|
||||
const authHeader = req.headers.authorization || "";
|
||||
if (!authHeader.startsWith("Bearer ")) {
|
||||
res.status(401).json({ error: "Missing Authorization header" });
|
||||
return;
|
||||
}
|
||||
|
||||
const token = authHeader.slice(7);
|
||||
if (token !== INTERNAL_API_KEY) {
|
||||
res.status(401).json({ error: "Invalid API key" });
|
||||
return;
|
||||
}
|
||||
|
||||
next();
|
||||
}
|
||||
Loading…
Add table
Add a link
Reference in a new issue