Updating API key controller in self-host mode to return self host API key.

packages/server/src/api/controllers/apikeys.js

@@ -3,13 +3,20 @@ const { join } = require("../../utilities/centralPath")
 const readline = require("readline")
 const { budibaseAppsDir } = require("../../utilities/budibaseDir")
 const env = require("../../environment")
+const selfhost = require("../../selfhost")
 const ENV_FILE_PATH = "/.env"
 
 exports.fetch = async function(ctx) {
   ctx.status = 200
-  ctx.body = {
+  if (env.SELF_HOSTED) {
-    budibase: env.BUDIBASE_API_KEY,
+    ctx.body = {
-    userId: env.USERID_API_KEY,
+      selfhost: await selfhost.getSelfHostAPIKey(),
+    }
+  } else {
+    ctx.body = {
+      budibase: env.BUDIBASE_API_KEY,
+      userId: env.USERID_API_KEY,
+    }
   }
 }
 

packages/server/src/middleware/authorized.js

@@ -7,7 +7,7 @@ const {
   doesHavePermission,
 } = require("../utilities/security/permissions")
 const env = require("../environment")
-const { getAPIKey } = require("../utilities/security/apikey")
+const { isAPIKeyValid } = require("../utilities/security/apikey")
 const { AuthTypes } = require("../constants")
 
 const ADMIN_ROLES = [BUILTIN_ROLE_IDS.ADMIN, BUILTIN_ROLE_IDS.BUILDER]
@@ -21,9 +21,7 @@ module.exports = (permType, permLevel = null) => async (ctx, next) => {
   }
   if (env.CLOUD && ctx.headers["x-api-key"] && ctx.headers["x-instanceid"]) {
     // api key header passed by external webhook
-    const apiKeyInfo = await getAPIKey(ctx.headers["x-api-key"])
+    if (await isAPIKeyValid(ctx.headers["x-api-key"])) {
-
-    if (apiKeyInfo) {
       ctx.auth = {
         authenticated: AuthTypes.EXTERNAL,
         apiKey: ctx.headers["x-api-key"],

packages/server/src/selfhost/index.js

@@ -37,3 +37,8 @@ exports.getSelfHostInfo = async () => {
   const db = new CouchDB(SELF_HOST_DB)
   return db.get(SELF_HOST_DOC)
 }
+
+exports.getSelfHostAPIKey = async () => {
+  const info = await exports.getSelfHostInfo()
+  return info ? info.apiKeyId : null
+}

packages/server/src/utilities/security/apikey.js

@@ -1,22 +1,23 @@
 const { apiKeyTable } = require("../../db/dynamoClient")
 const env = require("../../environment")
-const { getSelfHostInfo } = require("../../selfhost")
+const { getSelfHostAPIKey } = require("../../selfhost")
 
 /**
  * This file purely exists so that we can centralise all logic pertaining to API keys, as their usage differs
  * in our Cloud environment versus self hosted.
  */
 
-exports.getAPIKey = async apiKeyId => {
+exports.isAPIKeyValid = async apiKeyId => {
   if (env.CLOUD && !env.SELF_HOSTED) {
-    return apiKeyTable.get({
+    let apiKeyInfo = await apiKeyTable.get({
       primary: apiKeyId,
     })
+    return apiKeyInfo != null
   }
   if (env.SELF_HOSTED) {
-    const selfHostInfo = await getSelfHostInfo()
+    const selfHostKey = await getSelfHostAPIKey()
     // if the api key supplied is correct then return structure similar
-    return apiKeyId === selfHostInfo.apiKeyId ? { pk: apiKeyId } : null
+    return apiKeyId === selfHostKey ? { pk: apiKeyId } : null
   }
-  return null
+  return false
 }