SumAI-Search / server /validateAccessKeyServerHook.ts
github-actions[bot]
Sync to HuggingFace Spaces
6b3405c
import { PreviewServer, ViteDevServer } from "vite";
import { argon2Verify } from "hash-wasm";
export function validateAccessKeyServerHook<
T extends ViteDevServer | PreviewServer,
>(server: T) {
server.middlewares.use(async (req, res, next) => {
if (req.url !== "/api/validate-access-key" || req.method !== "POST") {
return next();
}
const accessKeys = process.env.ACCESS_KEYS?.split(",") ?? [];
let body = "";
req.on("data", (chunk) => {
body += chunk.toString();
});
req.on("end", async () => {
try {
const { accessKeyHash } = JSON.parse(body);
let isValid = false;
for (const key of accessKeys) {
try {
if (await argon2Verify({ password: key, hash: accessKeyHash })) {
isValid = true;
break;
}
} catch {
continue;
}
}
res.setHeader("Content-Type", "application/json");
res.end(JSON.stringify({ valid: isValid }));
} catch {
res.statusCode = 400;
res.end(JSON.stringify({ valid: false, error: "Invalid request" }));
}
});
});
}