f8cd37ac8c
Includes: API (Express/TypeScript), Astro site, Python workers, document generators, FCC compliance tools, Canada CRTC formation, Ansible infrastructure, and deployment scripts. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
27 lines
830 B
TypeScript
27 lines
830 B
TypeScript
// internal-auth.ts — Shared-secret authentication for internal API endpoints
|
|
// Used by Verilex Data to access bulk entity export and name search endpoints.
|
|
|
|
import type { Request, Response, NextFunction } from "express";
|
|
|
|
const INTERNAL_API_KEY = process.env.PW_INTERNAL_API_KEY || "";
|
|
|
|
export function internalAuth(req: Request, res: Response, next: NextFunction): void {
|
|
if (!INTERNAL_API_KEY) {
|
|
res.status(503).json({ error: "Internal API not configured" });
|
|
return;
|
|
}
|
|
|
|
const authHeader = req.headers.authorization || "";
|
|
if (!authHeader.startsWith("Bearer ")) {
|
|
res.status(401).json({ error: "Missing Authorization header" });
|
|
return;
|
|
}
|
|
|
|
const token = authHeader.slice(7);
|
|
if (token !== INTERNAL_API_KEY) {
|
|
res.status(401).json({ error: "Invalid API key" });
|
|
return;
|
|
}
|
|
|
|
next();
|
|
}
|