UNPKG

novagate

Version:

Novagate is a flexible and fast API key middleware system for Node.js apps. It provides authentication, usage limits, burst protection, suspension, logging, and analytics.

github.com/Pavan-Kumar-KN/novagate-core

Pavan-Kumar-KN/novagate-core

37 lines (27 loc) 899 B
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
import { validateApiKey } from "../util/validate.js"; import { hashApiKey, compareHashedApiKey } from "../util/hash.js"; export function createAuthMiddleware(options) { const { keyLoader } = options; return async function authMiddleware(req, res, next) { // logic here const rawKey = req.headers["x-api-key"]; // / 1) Validate input format if (!validateApiKey(rawKey)) { res.statusCode = 401; return res.end("Invalid API Key Format"); } const hashedKey = hashApiKey(rawKey); const dbKey = await keyLoader(hashedKey); if (!dbKey) { res.statusCode = 401; return res.end("API Key Not Found"); } // 4) Final secure comparison if (!compareHashedApiKey(rawKey, dbKey)) { res.statusCode = 401; return res.end("Unauthorized"); } req.auth_key = dbKey; next(); }; }