michael/merlyn
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
0b8e89f6a7
merlyn/collector/middleware/verifyIntegrity.js
Timothy Carambat 1601eb986c
Enable bypass of ip limitations via ENV in collector processing (#3652) 
* Enable bypass of ip limitations via ENV in collector startup
resolves #3625
connect #3626

* dev build

* bump dockerx build action

* enable runtime setting config of collector requests

* comments and linting for option passing

* unset

* unset

* update docs link

* linting and docs
2025-04-21 11:10:41 -07:00

26 lines
902 B
JavaScript
Raw Blame History

const { CommunicationKey } = require("../utils/comKey");
const RuntimeSettings = require("../utils/runtimeSettings");
const runtimeSettings = new RuntimeSettings();
function verifyPayloadIntegrity(request, response, next) {
const comKey = new CommunicationKey();
if (process.env.NODE_ENV === "development") {
comKey.log('verifyPayloadIntegrity is skipped in development.');
runtimeSettings.parseOptionsFromRequest(request);
next();
return;
}
const signature = request.header("X-Integrity");
if (!signature) return response.status(400).json({ msg: 'Failed integrity signature check.' })
const validSignedPayload = comKey.verify(signature, request.body);
if (!validSignedPayload) return response.status(400).json({ msg: 'Failed integrity signature check.' });
runtimeSettings.parseOptionsFromRequest(request);
next();
}
module.exports = {
verifyPayloadIntegrity
}
Reference in New Issue View Git Blame Copy Permalink