2019-02-03 19:16:02 +00:00
|
|
|
module.exports = async function (req, res, next) {
|
2019-02-24 21:27:24 +00:00
|
|
|
const key = req.param('key') || req.headers['roe-key']
|
|
|
|
|
const secret = req.param('secret') || req.headers['roe-secret']
|
2019-02-03 19:16:02 +00:00
|
|
|
|
2019-03-05 20:39:07 +00:00
|
|
|
if (!key || !secret) return res.status(403).json({ error: 'Missing appid and secret.' })
|
|
|
|
|
|
2019-02-24 21:27:24 +00:00
|
|
|
const pk = await PublishKey.findOne({ appid: key, secret })
|
|
|
|
|
if (pk) {
|
|
|
|
|
if (pk.whitelisted) return next()
|
2019-03-05 20:39:07 +00:00
|
|
|
else res.status(403).json({ error: 'Your app has not been whitelisted yet. Please contact the site operator.' })
|
2019-02-03 19:16:02 +00:00
|
|
|
}
|
|
|
|
|
|
2019-03-05 20:39:07 +00:00
|
|
|
res.status(403).json({ error: 'Invalid publishing key/secret pair.' })
|
2019-02-03 19:16:02 +00:00
|
|
|
}
|
