Spaces:
Paused
Paused
| import { NextRequest } from "next/server"; | |
| import { getServerSideConfig } from "../config/server"; | |
| import md5 from "spark-md5"; | |
| import { ACCESS_CODE_PREFIX } from "../constant"; | |
| const serverConfig = getServerSideConfig(); | |
| export function getIP(req: NextRequest) { | |
| let ip = req.ip ?? req.headers.get("x-real-ip"); | |
| const forwardedFor = req.headers.get("x-forwarded-for"); | |
| if (!ip && forwardedFor) { | |
| ip = forwardedFor.split(",").at(0) ?? ""; | |
| } | |
| return ip; | |
| } | |
| function parseApiKey(bearToken: string) { | |
| const token = bearToken.trim().replaceAll("Bearer ", "").trim(); | |
| const isOpenAiKey = !token.startsWith(ACCESS_CODE_PREFIX); | |
| return { | |
| accessCode: isOpenAiKey ? "" : token.slice(ACCESS_CODE_PREFIX.length), | |
| apiKey: isOpenAiKey ? token : "", | |
| }; | |
| } | |
| export function auth(req: NextRequest) { | |
| const authToken = req.headers.get("Authorization") ?? ""; | |
| const auth = req.headers.get("auth") ?? ""; | |
| // check if it is openai api key or user token | |
| const { accessCode, apiKey: token } = parseApiKey(authToken); | |
| const hashedCode = md5.hash(accessCode ?? "").trim(); | |
| console.log("[Auth] allowed hashed codes: ", [...serverConfig.codes]); | |
| console.log("[Auth] got access code:", accessCode); | |
| console.log("[Auth] hashed access code:", hashedCode); | |
| console.log("[Auth] get auth:",auth); | |
| console.log("[User IP] ", getIP(req)); | |
| console.log("[Time] ", new Date().toLocaleString()); | |
| // serverConfig.needCode && !serverConfig.codes.has(hashedCode) && | |
| if (!token && !auth) { | |
| return { | |
| error: true, | |
| needAccessCode: true, | |
| msg: "Please go login page to login.", | |
| }; | |
| } | |
| // if user does not provide an api key, inject system api key | |
| if (!token) { | |
| const apiKey = serverConfig.apiKey; | |
| if (apiKey) { | |
| console.log("[Auth] use system api key"); | |
| req.headers.set("Authorization", `Bearer ${apiKey}`); | |
| } else { | |
| console.log("[Auth] admin did not provide an api key"); | |
| return { | |
| error: true, | |
| msg: "Empty Api Key", | |
| }; | |
| } | |
| } else { | |
| console.log("[Auth] use user api key"); | |
| } | |
| return { | |
| error: false, | |
| }; | |
| } | |