import { createHash, timingSafeEqual } from 'node:crypto'
import env from '#start/env'
import type { HttpContext } from '@adonisjs/core/http'
import type { NextFn } from '@adonisjs/core/types/http'
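/**
 * HTTP middleware that guards a route with a single static bearer token.
 *
 * The expected token is read from the `API_BEARER_TOKEN` environment value on
 * every request. Requests whose `Authorization` header is missing, is not of
 * the form `Bearer <token>`, or carries a different token are answered with
 * 401 and never reach `next()`.
 */
export default class BearerTokenAuthMiddleware {
  /**
   * Compare a presented secret with the expected one in constant time.
   *
   * A plain `!==` on strings can return as soon as the first differing
   * character is found, so response timing may reveal how much of a guess is
   * correct. Both values are hashed to fixed-length SHA-256 digests first
   * because `timingSafeEqual` throws when its inputs differ in length; hashing
   * also keeps the token length from influencing the comparison.
   *
   * @param presented - Token taken from the request.
   * @param expected - Token configured on the server.
   * @returns `true` only when both strings are identical.
   */
  private static secretsMatch(presented: string, expected: string): boolean {
    const presentedDigest = createHash('sha256').update(presented, 'utf8').digest()
    const expectedDigest = createHash('sha256').update(expected, 'utf8').digest()
    return timingSafeEqual(presentedDigest, expectedDigest)
  }

  /**
   * Authenticate the request and hand over to the next middleware on success.
   *
   * @param ctx - HTTP context; only `request` and `response` are used.
   * @param next - Continuation invoked once the token has been accepted.
   * @returns The JSON error response on rejection; otherwise resolves after
   *   `next()` has completed.
   */
  async handle({ response, request }: HttpContext, next: NextFn) {
    // Reject early when no credentials were sent at all.
    const authHeader = request.header('authorization')
    if (!authHeader) {
      return response.status(401).json({
        error: 'Authorization header is required',
      })
    }

    // Only the Bearer scheme is accepted (exact prefix, case-sensitive).
    const scheme = 'Bearer '
    if (!authHeader.startsWith(scheme)) {
      return response.status(401).json({
        error: 'Authorization header must be a Bearer token',
      })
    }

    // Everything after the scheme prefix is the presented token.
    const token = authHeader.substring(scheme.length)
    if (!token) {
      return response.status(401).json({
        error: 'Token is required',
      })
    }

    // Fail closed when the server has no token configured: an unset value must
    // never be treated as "no authentication required".
    // NOTE(review): this message tells the client about server configuration
    // state; consider logging it and returning a generic 500 body instead.
    const validToken = env.get('API_BEARER_TOKEN')
    if (!validToken) {
      return response.status(500).json({
        error: 'Server configuration error: API token not configured',
      })
    }

    // Constant-time comparison so timing does not leak the token prefix.
    if (!BearerTokenAuthMiddleware.secretsMatch(token, validToken)) {
      return response.status(401).json({
        error: 'Invalid token',
      })
    }

    await next()
  }
}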