diff --git a/middleware/verifyJWT.ts b/middleware/verifyJWT.ts index aab5e133bc96e8601a11434fc44e6339bcb7835c..1d485519b6f1a734301b989b709abb0559a7e52f 100644 --- a/middleware/verifyJWT.ts +++ b/middleware/verifyJWT.ts @@ -1,27 +1,53 @@ -import jwt from "jsonwebtoken" -import { Request, Response, NextFunction } from "express" +import jwt from "jsonwebtoken"; +import { Request, Response, NextFunction } from "express"; +import { PrismaClient } from "@prisma/client"; + interface CustomRequest extends Request { - name: string - email: string - roles: string[] - university: string | null - organization: string | null + name: string; + email: string; + roles: string[]; + university: string | null; + organization: string | null; } -const verifyJWT = (req: Request, res: Response, next: NextFunction): void => { - const accessToken = req.cookies.accToken - if (!accessToken) { - res.sendStatus(401) +const prismaClient = new PrismaClient(); + +const verifyJWT = async ( + req: Request, + res: Response, + next: NextFunction +): Promise<void> => { + const accessToken = req.cookies.accToken; + const apiKey = req.headers['x-api-key']; + if (!apiKey) { + res.sendStatus(401); } else { - jwt.verify( - accessToken, - process.env.ACCESS_TOKEN_SECRET as string, - (err: any) => { - if (err) res.sendStatus(403) - next() + try { + const apiKeyData = await prismaClient.apikeys.findMany({ + where: { + key_value: apiKey as string, + }, + }); + if (apiKeyData.length === 0) { + res.sendStatus(401); + } else { + jwt.verify( + accessToken, + process.env.ACCESS_TOKEN_SECRET as string, + (err: any) => { + if (err) { + res.sendStatus(403); + } else { + next(); + } + } + ); } - ) + } catch (error : any) { + console.error(error.message); + res.sendStatus(500); + } } -} +}; -export default verifyJWT +export default verifyJWT; diff --git a/prisma/migrations/db/migration.sql b/prisma/migrations/db/migration.sql index d6d884d09bc8a3965331d2cf64a414301f2cf0fe..24a71308e0a142c9155f9a90f600479efe239d63 100644 
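Review bot: The rewritten `verifyJWT` no longer rejects a request that has no `accToken` cookie before calling `jwt.verify`, because the old `if (!accessToken)` branch was replaced by the API-key check. A missing cookie now reaches `jwt.verify` and presumably comes back as 403 through the error callback instead of 401. I would keep both guards together, e.g. `if (typeof apiKey !== "string" || !accessToken) { res.sendStatus(401); }`, which also replaces the `apiKey as string` cast that hides the header's `string | string[] | undefined` type. The `jwt.verify` call passes no options; pinning the accepted algorithm with a third argument such as `{ algorithms: ["HS256"] }` (whichever algorithm the issuer actually signs with, which is not visible here) avoids relying on library defaults.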
--- a/prisma/migrations/db/migration.sql +++ b/prisma/migrations/db/migration.sql @@ -87,6 +87,15 @@ CREATE TABLE "Files" ( CONSTRAINT "Files_pkey" PRIMARY KEY ("file_id") ); +-- CreateTable +CREATE TABLE "apikeys" ( + "id_key" SERIAL NOT NULL, + "service_name" TEXT NOT NULL, + "key_value" TEXT NOT NULL, + + CONSTRAINT "apikeys_pkey" PRIMARY KEY ("id_key") +); + -- CreateIndex CREATE UNIQUE INDEX "User_user_id_key" ON "User"("user_id"); @@ -122,3 +131,7 @@ ALTER TABLE "Assignment" ADD CONSTRAINT "Assignment_organization_id_scholarship_ -- AddForeignKey ALTER TABLE "Files" ADD CONSTRAINT "Files_organization_id_scholarship_id_assignment_id_fkey" FOREIGN KEY ("organization_id", "scholarship_id", "assignment_id") REFERENCES "Assignment"("organization_id", "scholarship_id", "assignment_id") ON DELETE CASCADE ON UPDATE CASCADE; + +INSERT INTO "apikeys" (service_name, key_value) VALUES ('SPA', 'spaKey'); + +INSERT INTO "apikeys" (service_name, key_value) VALUES ('PHP', 'phpKey'); \ No newline at end of file diff --git a/prisma/schema.prisma b/prisma/schema.prisma index 12b4f39dfd1090678aab809839e926797a6fc260..677978f16ec6b31b53e5c47ab88fb5431613a4fc 100644 --- a/prisma/schema.prisma +++ b/prisma/schema.prisma @@ -88,6 +88,12 @@ model Files { assignment Assignment @relation(fields: [organization_id, scholarship_id, assignment_id], references: [organization_id, scholarship_id, assignment_id], onDelete: Cascade) } +model apikeys { + id_key Int @id @default(autoincrement()) + service_name String + key_value String +} + enum Role { university organization
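Review bot: `key_value` in the new `apikeys` table is plain `TEXT` with no unique constraint or index, so anyone who can read the database or a backup obtains usable keys, and nothing prevents two services from sharing one. Storing a digest of a high-entropy random key (for example SHA-256) and having the middleware hash the presented header before the lookup would address the first problem. For the second, add `CREATE UNIQUE INDEX "apikeys_key_value_key" ON "apikeys"("key_value");` here and `key_value String @unique` on the `apikeys` model in `prisma/schema.prisma`, which has the same gap. With the unique column the middleware lookup could use `findUnique` instead of `findMany`.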
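Review bot: The two `INSERT INTO "apikeys"` statements at the end of the migration seed `spaKey` and `phpKey` as live credentials, so every database built from this repository accepts the same short, guessable values, which are also readable in version control. Credentials should be provisioned per environment outside the migration, for example by a seed script that reads values from the deployment's secret store, and should be generated by a CSPRNG. If `SPA` refers to a browser application, its key is delivered to every user and can only act as a client identifier, not as a secret. Keys already deployed from this migration should be rotated once the seeding is moved.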