@kanadi/core
Version:
Multi-Layer CAPTCHA Framework with customizable validators and challenge bundles
35 lines (28 loc) • 993 B
text/typescript
import {
CanActivate,
ExecutionContext,
Injectable,
UnauthorizedException,
} from "@nestjs/common";
import { createLogger } from "../../utils/logger";
()
export class ApiKeyGuard implements CanActivate {
private readonly logger = createLogger(ApiKeyGuard.name);
canActivate(context: ExecutionContext): boolean {
const request = context.switchToHttp().getRequest();
const apiKey =
request.headers["x-api-key"] ||
request.headers["authorization"]?.replace("Bearer ", "");
const validApiKey = process.env.KANADI_ADMIN_API_KEY;
if (!validApiKey) {
this.logger.error("KANADI_ADMIN_API_KEY not configured in environment");
throw new Error("Admin API key not configured");
}
if (!apiKey || apiKey !== validApiKey) {
this.logger.warn(`Unauthorized admin API access attempt from ${request.ip}`);
throw new UnauthorizedException("Invalid or missing API key");
}
this.logger.log(`Admin API access granted from ${request.ip}`);
return true;
}
}