32 lines
858 B
TypeScript
32 lines
858 B
TypeScript
import { NextResponse } from "next/server";
|
|
|
|
function getProvidedToken(request: Request) {
|
|
const authHeader = request.headers.get("authorization") || "";
|
|
const bearerToken = authHeader.startsWith("Bearer ")
|
|
? authHeader.slice("Bearer ".length).trim()
|
|
: "";
|
|
|
|
return request.headers.get("x-admin-token") || bearerToken;
|
|
}
|
|
|
|
export function requireAdminToken(request: Request) {
|
|
const configuredToken = process.env.ADMIN_API_TOKEN;
|
|
|
|
if (!configuredToken) {
|
|
return NextResponse.json(
|
|
{ error: "Admin API is disabled." },
|
|
{ status: 503 }
|
|
);
|
|
}
|
|
|
|
const providedToken = getProvidedToken(request);
|
|
if (providedToken !== configuredToken) {
|
|
return NextResponse.json({ error: "Unauthorized" }, { status: 401 });
|
|
}
|
|
|
|
return null;
|
|
}
|
|
|
|
export function isAdminUiEnabled() {
|
|
return process.env.ADMIN_UI_ENABLED === "true";
|
|
}
|