refactor: private endpoint with api keys

dherault · Sep 27, 2022 · 8638635 · 8638635
1 parent 7925f33
commit 8638635
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 13 deletions.
diff --git a/src/events/http/Http.js b/src/events/http/Http.js
@@ -2,7 +2,6 @@ import { log } from '@serverless/utils/log.js'
 import HttpEventDefinition from './HttpEventDefinition.js'
 import HttpServer from './HttpServer.js'
 import { orange } from '../../config/colors.js'
-import { createApiKey } from '../../utils/index.js'
 
 export default class Http {
   #hasPrivateHttpEvent = false
@@ -53,12 +52,8 @@ export default class Http {
   If you are experiencing any issues please let us know: https://github.com/dherault/serverless-offline/issues`),
         )
         log.notice()
-      } else {
-        this.#options.apiKey = createApiKey()
       }
 
-      log.notice(`Key with token: ${this.#options.apiKey}`)
-
       if (this.#options.noAuth) {
         log.notice(
           `Authorizers are turned off. You do not need to use 'x-api-key' header.`,

diff --git a/src/events/http/HttpServer.js b/src/events/http/HttpServer.js
@@ -22,6 +22,7 @@ import parseResources from './parseResources.js'
 import payloadSchemaValidator from './payloadSchemaValidator.js'
 import logRoutes from '../../utils/logRoutes.js'
 import {
+  createApiKey,
   detectEncoding,
   generateHapiPath,
   getApiKeysValues,
@@ -435,10 +436,7 @@ export default class HttpServer {
         const apiKey = request.headers['x-api-key']
 
         if (apiKey) {
-          if (
-            apiKey !== this.#options.apiKey &&
-            !this.#apiKeysValues.has(apiKey)
-          ) {
+          if (!this.#apiKeysValues.has(apiKey)) {
             log.debug(
               `Method '${method}' of function '${functionKey}' token '${apiKey}' not valid.`,
             )
@@ -452,10 +450,7 @@ export default class HttpServer {
         ) {
           const { usageIdentifierKey } = request.auth.credentials
 
-          if (
-            usageIdentifierKey !== this.#options.apiKey &&
-            !this.#apiKeysValues.has(usageIdentifierKey)
-          ) {
+          if (!this.#apiKeysValues.has(usageIdentifierKey)) {
             log.debug(
               `Method '${method}' of function '${functionKey}' token '${usageIdentifierKey}' not valid.`,
             )
@@ -898,6 +893,14 @@ export default class HttpServer {
   }
 
   createRoutes(functionKey, httpEvent, handler) {
+    if (httpEvent.private && this.#apiKeysValues.size === 0) {
+      const apiKey = this.#options.apiKey ?? createApiKey()
+
+      log.notice(`Key with token: ${apiKey}`)
+
+      this.#apiKeysValues.add(apiKey)
+    }
+
     let method
     let path
     let hapiPath