@neuralegion/passport-headerapikey/lib/Strategy.js

Api key authentication strategy for Passport, which only handles headers (not body fields).

"use strict";
/**
 *  Creator: Christian Hotz
 *  Company: hydra newmedia GmbH
 *  Date: 27.06.16
 *
 *  Copyright hydra newmedia GmbH
 */
var __extends = (this && this.__extends) || (function () {
    var extendStatics = function (d, b) {
        extendStatics = Object.setPrototypeOf ||
            ({ __proto__: [] } instanceof Array && function (d, b) { d.__proto__ = b; }) ||
            function (d, b) { for (var p in b) if (b.hasOwnProperty(p)) d[p] = b[p]; };
        return extendStatics(d, b);
    };
    return function (d, b) {
        extendStatics(d, b);
        function __() { this.constructor = d; }
        d.prototype = b === null ? Object.create(b) : (__.prototype = b.prototype, new __());
    };
})();
Object.defineProperty(exports, "__esModule", { value: true });
exports.Strategy = void 0;
var passport_strategy_1 = require("passport-strategy");
var Strategy = /** @class */ (function (_super) {
    __extends(Strategy, _super);
    function Strategy(options, verify) {
        var _a, _b;
        var _this = _super.call(this) || this;
        if (!options) {
            options = {};
        }
        _this._options = {
            realm: options.realm || 'Users',
            passReqToCallback: (_a = options.passReqToCallback) !== null && _a !== void 0 ? _a : false,
            prefix: (_b = options.prefix) !== null && _b !== void 0 ? _b : '',
            header: (options.header || 'X-Api-Key').toLowerCase()
        };
        if (options.scope) {
            _this.options.scope = Array.isArray(options.scope)
                ? options.scope
                : [options.scope];
        }
        _this.name = 'headerapikey';
        _this.prefixPattern = new RegExp('^' + _this._options.prefix, 'i');
        _this.verify = verify;
        return _this;
    }
    Object.defineProperty(Strategy.prototype, "options", {
        get: function () {
            return this._options;
        },
        enumerable: false,
        configurable: true
    });
    Strategy.prototype.authenticate = function (req) {
        var _this = this;
        var apiKey = req.header(this._options.header);
        if (!apiKey) {
            return this.fail(this._challenge(), 401);
        }
        if (this.prefixPattern.test(apiKey)) {
            apiKey = apiKey.replace(this.prefixPattern, '').trim();
        }
        else {
            return this.fail(this._challenge('invalid_prefix', "Invalid API key prefix, " + this._options.header + " header should start with \"" + this._options.prefix + "\""), 401);
        }
        var verified = function (err, user, info) {
            if (err) {
                return _this.error(err);
            }
            if (!user) {
                var message = typeof info === 'string' ? info : (info || {}).message;
                return _this.fail(_this._challenge('invalid_key', message), 401);
            }
            _this.success(user, info);
        };
        var callbackParams = [req, apiKey, verified];
        if (!this._options.passReqToCallback) {
            callbackParams.shift();
        }
        // eslint-disable-next-line @typescript-eslint/ban-ts-ignore
        // @ts-ignore
        this.verify.apply(this, callbackParams);
    };
    Strategy.prototype._challenge = function (code, desc) {
        // eslint-disable-next-line @typescript-eslint/restrict-plus-operands
        var challenge = this._options.prefix + ' realm="' + this._options.realm + '"';
        if (this.options.scope) {
            challenge +=
                ', scope="' + this.options.scope.join(' ') + '"';
        }
        if (code) {
            challenge += ', error="' + code + '"';
        }
        if (desc && desc.length) {
            challenge += ', error_description="' + desc + '"';
        }
        return challenge;
    };
    return Strategy;
}(passport_strategy_1.Strategy));
exports.Strategy = Strategy;