Ghost/core/server/services/auth/api-key/content.js
Aleksander Chromik 6ff63dc220
Replaced i18n.t w/ tpl helper in core/server/services/auth (#13458)
refs #13380

The i18n package is deprecated. It is being replaced with the tpl package.

Co-authored-by: Aleksander Chromik <aleksander.chromik@footballco.com>
2021-10-06 09:42:44 +01:00


const models = require('../../../models');
const errors = require('@tryghost/errors');
const limitService = require('../../../services/limits');
const tpl = require('@tryghost/tpl');
/**
 * Message templates for the errors this middleware reports.
 * Each one is passed through `tpl()` before being put on an error object.
 */
const messages = {
    // `key` was present in the query string but not in a usable form
    invalidRequest: 'Invalid Request',
    // no ApiKey record matched the supplied secret
    unknownContentApiKey: 'Unknown Content API Key',
    // a record matched, but its type is not `content`
    invalidApiKeyType: 'Invalid API Key type'
};
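/**
 * Middleware that authenticates a Content API request from the `key` query parameter.
 *
 * Every outcome is reported through `next`:
 * - no `key` in the query: `next()` with no error, so another auth method or the final
 *   ensureAuthenticated check can decide;
 * - `key` is not a string: BadRequestError (`INVALID_REQUEST`);
 * - no ApiKey record has that secret: UnauthorizedError (`UNKNOWN_CONTENT_API_KEY`);
 * - the record's type is not `content`: UnauthorizedError (`INVALID_API_KEY_TYPE`);
 * - the custom-integrations limit applies: the HostLimitError is forwarded unchanged;
 * - anything else that throws: wrapped in InternalServerError.
 *
 * On success the ApiKey model is stored on `req.api_key` and `next()` is called.
 *
 * @param {object} req - request; `req.query.key` is read, `req.api_key` is written on success
 * @param {object} res - response (unused)
 * @param {Function} next - continuation, called with an error or with no arguments
 * @returns {Promise<*>}
 */
const authenticateContentApiKey = async function authenticateContentApiKey(req, res, next) {
    // allow fallthrough to other auth methods or final ensureAuthenticated check
    if (!req.query || !req.query.key) {
        return next();
    }

    const key = req.query.key;

    // `key` is caller-controlled and the query-string parser may return an array or a nested
    // object instead of a string (repeated or bracketed parameters). Only a plain string is a
    // valid secret, so every other shape is rejected before it can be used as a lookup filter.
    if (typeof key !== 'string') {
        return next(new errors.BadRequestError({
            message: tpl(messages.invalidRequest),
            code: 'INVALID_REQUEST'
        }));
    }

    try {
        const apiKey = await models.ApiKey.findOne({secret: key}, {withRelated: ['integration']});

        if (!apiKey) {
            return next(new errors.UnauthorizedError({
                message: tpl(messages.unknownContentApiKey),
                code: 'UNKNOWN_CONTENT_API_KEY'
            }));
        }

        // A valid secret of another key type must not authenticate a Content API request.
        if (apiKey.get('type') !== 'content') {
            return next(new errors.UnauthorizedError({
                message: tpl(messages.invalidApiKeyType),
                code: 'INVALID_API_KEY_TYPE'
            }));
        }

        // CASE: blocking all non-internal: "custom" and "builtin" integration requests when the limit is reached
        const integration = apiKey.relations.integration;
        if (limitService.isLimited('customIntegrations')
            && (integration && !['internal'].includes(integration.get('type')))) {
            // NOTE: a "would go over limit" check is used rather than an "is over limit" check because
            //       flag limits don't have a concept of measuring if the limit has been surpassed
            await limitService.errorIfWouldGoOverLimit('customIntegrations');
        }

        // authenticated OK, store the api key on the request for later checks and logging
        req.api_key = apiKey;
        next();
    } catch (err) {
        // Limit errors carry their own status and message; everything else is reported as a
        // generic server error with the original error attached.
        if (err instanceof errors.HostLimitError) {
            next(err);
        } else {
            next(new errors.InternalServerError({err}));
        }
    }
};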
// Public surface of this module: the Content API key authentication middleware.
module.exports = {
    authenticateContentApiKey: authenticateContentApiKey
};