UNPKG

payload

Version:

Node, React, Headless CMS and Application Framework built on Next.js

payloadcms.com

payloadcms/payload

65 lines (64 loc) 2.46 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
import crypto from 'crypto'; export const APIKeyAuthentication = (collectionConfig)=>async ({ headers, isGraphQL = false, payload })=>{ const authHeader = headers.get('Authorization'); if (authHeader?.startsWith(`${collectionConfig.slug} API-Key `)) { const apiKey = authHeader.replace(`${collectionConfig.slug} API-Key `, ''); // TODO: V4 remove extra algorithm check // api keys saved prior to v3.46.0 will have sha1 const sha1APIKeyIndex = crypto.createHmac('sha1', payload.secret).update(apiKey).digest('hex'); const sha256APIKeyIndex = crypto.createHmac('sha256', payload.secret).update(apiKey).digest('hex'); const apiKeyConstraints = [ { apiKeyIndex: { equals: sha1APIKeyIndex } }, { apiKeyIndex: { equals: sha256APIKeyIndex } } ]; try { const where = {}; if (collectionConfig.auth?.verify) { where.and = [ { or: apiKeyConstraints }, { _verified: { not_equals: false } } ]; } else { where.or = apiKeyConstraints; } const userQuery = await payload.find({ collection: collectionConfig.slug, depth: isGraphQL ? 0 : collectionConfig.auth.depth, limit: 1, overrideAccess: true, pagination: false, where }); if (userQuery.docs && userQuery.docs.length > 0) { const user = userQuery.docs[0]; user.collection = collectionConfig.slug; user._strategy = 'api-key'; return { user: user }; } } catch (ignore) { return { user: null }; } } return { user: null }; }; //# sourceMappingURL=apiKey.js.map