admin/bodyshop
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
fb29fa2caadef006923a8960eb8a15e54cda59fa
bodyshop/server/middleware/vsstaIntegrationMiddleware.js
Dave Richer 68c7b184d2 feature/IO-3258-Shop-User-Vendor-Creation: Finish
2025-06-09 18:39:29 -04:00

21 lines
651 B
JavaScript
Raw Blame History

/**
* VSSTA Integration Middleware
* Fails closed if the env var is missing or empty, and strictly compares header.
*/
const vsstaIntegrationMiddleware = (req, res, next) => {
const secret = process.env.VSSTA_INTEGRATION_SECRET;
if (typeof secret !== "string" || secret.length === 0) {
return res.status(500).send("Server misconfiguration");
}
const headerValue = req.headers["vssta-integration-secret"];
if (typeof headerValue !== "string" || headerValue.trim() !== secret) {
return res.status(401).send("Unauthorized");
}
req.isVsstaIntegrationAuthorized = true;
next();
};
module.exports = vsstaIntegrationMiddleware;
Reference in New Issue View Git Blame Copy Permalink