Moduletrace/dsql-admin
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
bc037e839f
dsql-admin/dsql-app/package-shared/functions/backend/api-cred.js
Benjamin Toby bc037e839f Updates
2024-12-15 12:27:16 +01:00

51 lines
1.7 KiB
JavaScript
Raw Blame History

// @ts-check
const fs = require("fs");
const decrypt = require("../dsql/decrypt");
/** @type {import("../../types").CheckApiCredentialsFn} */
const grabApiCred = ({ key, database, table, user_id, media }) => {
if (!key) return null;
if (!user_id) return null;
try {
const allowedKeysPath = process.env.DSQL_API_KEYS_PATH;
if (!allowedKeysPath)
throw new Error(
"process.env.DSQL_API_KEYS_PATH variable not found"
);
const ApiJSON = decrypt({ encryptedString: key });
/** @type {import("../../types").ApiKeyObject} */
const ApiObject = JSON.parse(ApiJSON || "");
const isApiKeyValid = fs.existsSync(
`${allowedKeysPath}/${ApiObject.sign}`
);
if (String(ApiObject.user_id) !== String(user_id)) return null;
if (!isApiKeyValid) return null;
if (!ApiObject.target_database) return ApiObject;
if (media) return ApiObject;
if (!database && ApiObject.target_database) return null;
const isDatabaseAllowed = ApiObject.target_database
?.split(",")
.includes(String(database));
if (isDatabaseAllowed && !ApiObject.target_table) return ApiObject;
if (isDatabaseAllowed && !table && ApiObject.target_table) return null;
const isTableAllowed = ApiObject.target_table
?.split(",")
.includes(String(table));
if (isTableAllowed) return ApiObject;
return null;
} catch (/** @type {any} */ error) {
console.log(`api-cred ERROR: ${error.message}`);
return { error: `api-cred ERROR: ${error.message}` };
}
};
module.exports = grabApiCred;
Reference in New Issue View Git Blame Copy Permalink