diff --git a/packages/backend-core/src/errors/errors.ts b/packages/backend-core/src/errors/errors.ts index cc2e49ce98..54ca8456ab 100644 --- a/packages/backend-core/src/errors/errors.ts +++ b/packages/backend-core/src/errors/errors.ts @@ -16,6 +16,7 @@ export abstract class BudibaseError extends Error { export enum ErrorCode { USAGE_LIMIT_EXCEEDED = "usage_limit_exceeded", FEATURE_DISABLED = "feature_disabled", + INVALID_API_KEY = "invalid_api_key", HTTP = "http", } @@ -85,3 +86,14 @@ export class FeatureDisabledError extends HTTPError { } } } + +// AUTH + +export class InvalidAPIKeyError extends BudibaseError { + constructor() { + super( + "Invalid API key - may need re-generated, or user doesn't exist", + ErrorCode.INVALID_API_KEY + ) + } +} diff --git a/packages/backend-core/src/middleware/authenticated.ts b/packages/backend-core/src/middleware/authenticated.ts index 1b6ece2c37..8a97319586 100644 --- a/packages/backend-core/src/middleware/authenticated.ts +++ b/packages/backend-core/src/middleware/authenticated.ts @@ -14,6 +14,7 @@ import { decrypt } from "../security/encryption" import * as identity from "../context/identity" import env from "../environment" import { Ctx, EndpointMatcher } from "@budibase/types" +import { InvalidAPIKeyError, ErrorCode } from "../errors" const ONE_MINUTE = env.SESSION_UPDATE_PERIOD ? parseInt(env.SESSION_UPDATE_PERIOD) @@ -68,11 +69,7 @@ async function checkApiKey(apiKey: string, populateUser?: Function) { user: await getUser(userId, tenantId, populateUser), } } else { - throw { - message: - "Invalid API key - may need re-generated, or user doesn't exist", - name: "InvalidApiKey", - } + throw new InvalidAPIKeyError() } }) } @@ -175,7 +172,7 @@ export default function ( // invalid token, clear the cookie if (err?.name === "JsonWebTokenError") { clearCookie(ctx, Cookie.Auth) - } else if (err?.name === "InvalidApiKey") { + } else if (err?.code === ErrorCode.INVALID_API_KEY) { ctx.throw(403, err.message) } // allow configuring for public access