(req: Request, chatflow: ChatFlow)
| 10 | * @param {ChatFlow} chatflow |
| 11 | */ |
| 12 | export const validateFlowAPIKey = async (req: Request, chatflow: ChatFlow): Promise<boolean> => { |
| 13 | const chatFlowApiKeyId = chatflow?.apikeyid |
| 14 | if (!chatFlowApiKeyId) return true |
| 15 | |
| 16 | const authorizationHeader = (req.headers['Authorization'] as string) ?? (req.headers['authorization'] as string) ?? '' |
| 17 | if (chatFlowApiKeyId && !authorizationHeader) return false |
| 18 | |
| 19 | const suppliedKey = authorizationHeader.split(`Bearer `).pop() |
| 20 | if (!suppliedKey) return false |
| 21 | |
| 22 | try { |
| 23 | const apiKey = await apikeyService.getApiKeyById(chatFlowApiKeyId) |
| 24 | if (!apiKey) return false |
| 25 | |
| 26 | const apiKeyWorkSpaceId = apiKey.workspaceId |
| 27 | if (!apiKeyWorkSpaceId) return false |
| 28 | |
| 29 | if (apiKeyWorkSpaceId !== chatflow.workspaceId) return false |
| 30 | |
| 31 | const apiSecret = apiKey.apiSecret |
| 32 | if (!apiSecret || !compareKeys(apiSecret, suppliedKey)) return false |
| 33 | |
| 34 | return true |
| 35 | } catch (error) { |
| 36 | return false |
| 37 | } |
| 38 | } |
| 39 | |
| 40 | /** |
| 41 | * Validate and Get API Key Information |
no test coverage detected