f600b7b15e
- Integrated ECDSA for signature verification in ComboHandler. - Updated event emissions to include additional parameters for better tracking. - Improved gas tracking during execution of combo plans. - Enhanced database interactions for storing and retrieving plans, including conflict resolution and status updates. - Added new dependencies for security and database management in orchestrator.
45 lines
1.2 KiB
TypeScript
45 lines
1.2 KiB
TypeScript
import { Request, Response, NextFunction } from "express";
|
|
|
|
/**
|
|
* API Key authentication middleware
|
|
*/
|
|
export const apiKeyAuth = (req: Request, res: Response, next: NextFunction) => {
|
|
const apiKey = req.headers["x-api-key"] || req.headers["authorization"]?.replace("Bearer ", "");
|
|
|
|
if (!apiKey) {
|
|
return res.status(401).json({
|
|
error: "Unauthorized",
|
|
message: "API key is required",
|
|
});
|
|
}
|
|
|
|
// Validate API key (in production, check against database)
|
|
const validApiKeys = process.env.API_KEYS?.split(",") || [];
|
|
if (!validApiKeys.includes(apiKey as string)) {
|
|
return res.status(403).json({
|
|
error: "Forbidden",
|
|
message: "Invalid API key",
|
|
});
|
|
}
|
|
|
|
// Attach API key info to request
|
|
(req as any).apiKey = apiKey;
|
|
next();
|
|
};
|
|
|
|
/**
|
|
* Optional API key authentication (for public endpoints)
|
|
*/
|
|
export const optionalApiKeyAuth = (req: Request, res: Response, next: NextFunction) => {
|
|
const apiKey = req.headers["x-api-key"] || req.headers["authorization"]?.replace("Bearer ", "");
|
|
if (apiKey) {
|
|
const validApiKeys = process.env.API_KEYS?.split(",") || [];
|
|
if (validApiKeys.includes(apiKey as string)) {
|
|
(req as any).apiKey = apiKey;
|
|
(req as any).authenticated = true;
|
|
}
|
|
}
|
|
next();
|
|
};
|
|
|