(request: NextRequest)
| 15 | } |
| 16 | |
| 17 | export async function authenticateV1Request(request: NextRequest): Promise<AuthResult> { |
| 18 | if (isAuthDisabled) { |
| 19 | return { |
| 20 | authenticated: true, |
| 21 | userId: ANONYMOUS_USER_ID, |
| 22 | keyType: 'personal', |
| 23 | } |
| 24 | } |
| 25 | |
| 26 | const apiKey = request.headers.get('x-api-key') |
| 27 | |
| 28 | if (!apiKey) { |
| 29 | return { |
| 30 | authenticated: false, |
| 31 | error: 'API key required', |
| 32 | } |
| 33 | } |
| 34 | |
| 35 | try { |
| 36 | const result = await authenticateApiKeyFromHeader(apiKey) |
| 37 | |
| 38 | if (!result.success) { |
| 39 | logger.warn('Invalid API key attempted', { keyPrefix: apiKey.slice(0, 8) }) |
| 40 | return { |
| 41 | authenticated: false, |
| 42 | error: result.error || 'Invalid API key', |
| 43 | } |
| 44 | } |
| 45 | |
| 46 | await updateApiKeyLastUsed(result.keyId!) |
| 47 | |
| 48 | return { |
| 49 | authenticated: true, |
| 50 | userId: result.userId!, |
| 51 | workspaceId: result.workspaceId, |
| 52 | keyType: result.keyType, |
| 53 | } |
| 54 | } catch (error) { |
| 55 | logger.error('API key authentication error', { error }) |
| 56 | return { |
| 57 | authenticated: false, |
| 58 | error: 'Authentication failed', |
| 59 | } |
| 60 | } |
| 61 | } |
no test coverage detected