GEG Nachweis

src/lib/middleware/authorization.ts

@@ -4,10 +4,16 @@ import { prisma } from "@ibcornelsen/database/server";
 import { APIError, TypesafeAPIContextWithRequest } from "astro-typesafe-api/server";
 import { z } from "zod";
 
-export async function authorizationMiddleware(input: any, context: TypesafeAPIContextWithRequest<any>) {
-	const authorization: string | undefined = context.request.headers.get("Authorization");
+export async function checkAuthorizationHeaderNoThrow(authorization: string): Promise<ReturnType<typeof checkAuthorizationHeader> | null> {
+	try {
+		return await checkAuthorizationHeader(authorization)
+	} catch(e) {
+		return null
+	}
+}
 
-	if (!context.request.headers.has("Authorization") || !authorization) {
+export async function checkAuthorizationHeader(authorization: string) {
+	if (!authorization) {
 		throw new APIError({
 			code: "BAD_REQUEST",
 			message: "Request is missing an 'Authorization' header."
@@ -81,6 +87,10 @@ export async function authorizationMiddleware(input: any, context: TypesafeAPICo
 	})
 }
 
+export async function authorizationMiddleware(input: any, ctx: TypesafeAPIContextWithRequest<any>) {
+	return await checkAuthorizationHeader(ctx.request.headers.get("Authorization"));
+}
+
 export async function maybeAuthorizationMiddleware(input: any, ctx: TypesafeAPIContextWithRequest<any>) {
 	try {
 		return authorizationMiddleware(input, ctx)
@@ -93,7 +103,7 @@ export const authorizationHeaders = {
 	Authorization: z.string()
 }
 
-export async function adminMiddleware(input: any, ctx: TypesafeAPIContextWithRequest<any>) {
+export async function adminMiddleware(input: any, ctx: TypesafeAPIContextWithRequest<any>) {	
 	try {
 		const user = await authorizationMiddleware(input, ctx)