dunkirk.sh / hop
blazing fast link redirects on cloudflare kv hop.dunkirk.sh/u/tacy
fork atom

feat: allow api key auth too

dunkirk.sh 10164868 d03b25ea

verified
+29 -12
unified split
+28 -12
src/index.ts
··· 80 80 // Check auth for all other routes (except / which needs to load first) 81 81 if (url.pathname !== '/') { 82 82 const authHeader = request.headers.get('Authorization'); 83 - if (!authHeader || !authHeader.startsWith('Bearer ')) { 83 + if (!authHeader) { 84 84 return new Response(JSON.stringify({ error: 'Unauthorized' }), { 85 85 status: 401, 86 86 headers: { 'Content-Type': 'application/json' }, 87 87 }); 88 88 } 89 89 90 - const token = authHeader.slice(7); 91 - const sessionData = await env.HOP.get(`session:${token}`); 90 + // Check for API key authentication 91 + if (authHeader.startsWith('Bearer ')) { 92 + const token = authHeader.slice(7); 93 + 94 + // Check if it's an API key 95 + if (token === env.API_KEY) { 96 + // Valid API key, continue 97 + } else { 98 + // Check if it's a session token 99 + const sessionData = await env.HOP.get(`session:${token}`); 92 100 93 - if (!sessionData) { 94 - return new Response(JSON.stringify({ error: 'Unauthorized' }), { 95 - status: 401, 96 - headers: { 'Content-Type': 'application/json' }, 97 - }); 98 - } 101 + if (!sessionData) { 102 + return new Response(JSON.stringify({ error: 'Unauthorized' }), { 103 + status: 401, 104 + headers: { 'Content-Type': 'application/json' }, 105 + }); 106 + } 99 107 100 - const session = JSON.parse(sessionData); 101 - if (session.expiresAt < Date.now()) { 102 - await env.HOP.delete(`session:${token}`); 108 + const session = JSON.parse(sessionData); 109 + if (session.expiresAt < Date.now()) { 110 + await env.HOP.delete(`session:${token}`); 111 + return new Response(JSON.stringify({ error: 'Unauthorized' }), { 112 + status: 401, 113 + headers: { 'Content-Type': 'application/json' }, 114 + }); 115 + } 116 + } 117 + } else { 103 118 return new Response(JSON.stringify({ error: 'Unauthorized' }), { 104 119 status: 401, 105 120 headers: { 'Content-Type': 'application/json' }, ··· 277 292 interface Env { 278 293 HOP: KVNamespace; 279 294 AUTH_PASSWORD: string; 295 + API_KEY: string; 280 296 }
+1
wrangler.toml
··· 18 18 19 19 [vars] 20 20 AUTH_PASSWORD = "changeme" 21 + API_KEY = "your-api-key-here" 21 22 22 23 [[rules]] 23 24 type = "Text"