bodyshop/server/middleware/eventAuthorizationMIddleware.js

const path = require("path");
require("dotenv").config({
    path: path.resolve(
        process.cwd(),
        `.env.${process.env.NODE_ENV || "development"}`
    ),
});

/**
 * Checks if the event secret is correct
 * It adds the following properties to the request object:
 * - req.isEventAuthorized - Returns true if the event secret is correct
 * @param req
 * @param res
 * @param next
 */
function eventAuthorizationMiddleware(req, res, next) {
    if (req.headers["event-secret"] !== process.env.EVENT_SECRET) {
        return res.status(401).send("Unauthorized");
    }

    req.isEventAuthorized = true;
    next();
}

module.exports = eventAuthorizationMiddleware;