nav/Fabric.Backend.Center
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(center): enforce API key on all APIs except node register

Browse Source
This commit is contained in:
nav
2026-05-13 08:17:42 +00:00
parent a924bf656d
commit cfa5ccdfaf
4 changed files with 63 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/nodes/nodes.controller.ts
View File

@@ -16,6 +16,8 @@ import {
} from '@nestjs/common';
import { InjectRepository } from '@nestjs/typeorm';
import { Repository } from 'typeorm';
import * as bcrypt from 'bcryptjs';
import { randomBytes } from 'crypto';
import { GuildNode } from '../entities/guild-node.entity';
import { AuditService } from '../audit/audit.service';
import { RegisterNodeDto } from './dto.register-node.dto';
@@ -95,7 +97,10 @@ export class NodesController {
name: body.name,
endpoint: body.endpoint,
status: 'active',
apiKeyHash: null,
});
const rawApiKey = `gk_${randomBytes(24).toString('hex')}`;
node.apiKeyHash = await bcrypt.hash(rawApiKey, 10);
const saved = await this.nodeRepo.save(node);
await this.audit.write({
action: 'node.register',
@@ -114,6 +119,7 @@ export class NodesController {
endpoint: saved.endpoint,
status: saved.status,
},
apiKey: rawApiKey,
};
}