usulpro
/
banatie-service
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix: return correct codes

This commit is contained in:
Oleg Proskurin 2025-10-12 22:13:34 +07:00
parent 691e472a2e
commit 9a9c7260e2
3 changed files with 7 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
apps/api-service/src/middleware/auth/requireMasterKey.ts
View File

@ -6,11 +6,10 @@ import { Request, Response, NextFunction } from 'express';
*/
export function requireMasterKey(req: Request, res: Response, next: NextFunction): void {
if (!req.apiKey) {
res.status(401).json({
return res.status(401).json({
error: 'Authentication required',
message: 'This endpoint requires authentication',
});
return;
}
if (req.apiKey.keyType !== 'master') {
@ -18,11 +17,10 @@ export function requireMasterKey(req: Request, res: Response, next: NextFunction
`[${new Date().toISOString()}] Non-master key attempted admin action: ${req.apiKey.id} (${req.apiKey.keyType}) - ${req.path}`,
);
res.status(403).json({
return res.status(403).json({
error: 'Master key required',
message: 'This endpoint requires a master API key',
});
return;
}
next();

9
apps/api-service/src/middleware/auth/requireProjectKey.ts
View File

@ -7,30 +7,27 @@ import { Request, Response, NextFunction } from 'express';
export function requireProjectKey(req: Request, res: Response, next: NextFunction): void {
// This middleware assumes validateApiKey has already run and attached req.apiKey
if (!req.apiKey) {
res.status(401).json({
return res.status(401).json({
error: 'Authentication required',
message: 'API key validation must be performed first',
});
return;
}
// Block master keys from generation endpoints
if (req.apiKey.keyType === 'master') {
res.status(403).json({
return res.status(403).json({
error: 'Forbidden',
message:
'Master keys cannot be used for image generation. Please use a project-specific API key.',
});
return;
}
// Ensure project key has required IDs
if (!req.apiKey.projectId) {
res.status(400).json({
return res.status(400).json({
error: 'Invalid API key',
message: 'Project key must be associated with a project',
});
return;
}
console.log(

6
apps/api-service/src/middleware/auth/validateApiKey.ts
View File

@ -23,22 +23,20 @@ export async function validateApiKey(
const providedKey = req.headers['x-api-key'] as string;
if (!providedKey) {
res.status(401).json({
return res.status(401).json({
error: 'Missing API key',
message: 'Provide your API key via X-API-Key header',
});
return;
}
try {
const apiKey = await apiKeyService.validateKey(providedKey);
if (!apiKey) {
res.status(401).json({
return res.status(401).json({
error: 'Invalid API key',
message: 'The provided API key is invalid, expired, or revoked',
});
return;
}
// Attach to request for use in routes