QT/bigcapital
1
0
Fork 0
mirror of https://github.com/bigcapitalhq/bigcapital.git synced 2026-02-17 05:10:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: use the same Authorization header for jwt and api key

Browse Source
This commit is contained in:
Ahmed Bouhuolia
2025-07-02 08:30:53 +02:00
parent 5d96357042
commit adb1bea374
6 changed files with 22 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
packages/server/src/modules/Auth/Auth.utils.ts
View File

@@ -1,4 +1,5 @@
import * as bcrypt from 'bcrypt';
import { AuthApiKeyPrefix } from './Auth.constants';
export const hashPassword = (password: string): Promise<string> =>
new Promise((resolve) => {
@@ -8,3 +9,12 @@ export const hashPassword = (password: string): Promise<string> =>
});
});
});
/**
* Extracts and validates an API key from the Authorization header
* @param {string} authorization - Full authorization header content.
*/
export const getAuthApiKey = (authorization: string) => {
const apiKey = authorization.toLowerCase().replace('bearer ', '').trim();
return apiKey.startsWith(AuthApiKeyPrefix) ? apiKey : '';
};