( req: ApiRequest, secret: string | undefined, )
| 37 | } |
| 38 | |
| 39 | function checkAuth( |
| 40 | req: ApiRequest, |
| 41 | secret: string | undefined, |
| 42 | ): Response | null { |
| 43 | if (!secret) return null; |
| 44 | const auth = req.headers?.["authorization"] || req.headers?.["Authorization"]; |
| 45 | if ( |
| 46 | typeof auth !== "string" || |
| 47 | !timingSafeCompare(auth, `Bearer ${secret}`) |
| 48 | ) { |
| 49 | return { status_code: 401, body: { error: "unauthorized" } }; |
| 50 | } |
| 51 | return null; |
| 52 | } |
| 53 | |
| 54 | function requireConfiguredSecret( |
| 55 | secret: string | undefined, |
no test coverage detected