(request: NextRequest)
| 34 | * @returns Authentication result with success status and optional error |
| 35 | */ |
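export function authenticateAdminRequest(request: NextRequest): AdminAuthResult {
  // Compares the x-admin-key request header with env.ADMIN_API_KEY and reports
  // the outcome as an AdminAuthResult.
  const adminKey = env.ADMIN_API_KEY

  // Fail closed: with no key configured every request is rejected, and
  // `notConfigured` lets the caller tell this apart from a bad credential.
  if (!adminKey) {
    logger.warn('ADMIN_API_KEY environment variable is not set')
    return {
      authenticated: false,
      error: 'Admin API is not configured. Set ADMIN_API_KEY environment variable.',
      notConfigured: true,
    }
  }

  const providedKey = request.headers.get('x-admin-key')

  // A missing or empty header is rejected before any comparison is made.
  if (!providedKey) {
    return {
      authenticated: false,
      error: 'Admin API key required. Provide x-admin-key header.',
    }
  }

  // NOTE(review): safeCompare is defined elsewhere; presumably a constant-time
  // comparison, which is what a secret check needs. Confirm.
  if (!safeCompare(providedKey, adminKey)) {
    // Record only the length of the rejected value. A mistyped real key shares
    // its leading characters with the secret, and a short value would be logged
    // in full, so no part of the submitted key is written to the log.
    logger.warn('Invalid admin API key attempted', { keyLength: providedKey.length })
    return {
      authenticated: false,
      error: 'Invalid admin API key',
    }
  }

  return { authenticated: true }
}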
no test coverage detected