joe/kami-parse-server
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Improves key matching algorithm

Browse Source
This commit is contained in:
Florent Vilmart
2016-02-26 09:42:32 -05:00
parent 791c5512aa
commit ea2de87b1a
1 changed files with 14 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
src/middlewares.js
View File

@@ -99,20 +99,20 @@ function handleParseHeaders(req, res, next) {
// Client keys are not required in parse-server, but if any have been configured in the server, validate them
// to preserve original behavior.
var keyRequired = (req.config.clientKey
|| req.config.javascriptKey
|| req.config.dotNetKey
|| req.config.restAPIKey);
var keyHandled = false;
if (keyRequired
&& ((info.clientKey && req.config.clientKey && info.clientKey === req.config.clientKey)
|| (info.javascriptKey && req.config.javascriptKey && info.javascriptKey === req.config.javascriptKey)
|| (info.dotNetKey && req.config.dotNetKey && info.dotNetKey === req.config.dotNetKey)
|| (info.restAPIKey && req.config.restAPIKey && info.restAPIKey === req.config.restAPIKey)
)) {
keyHandled = true;
}
if (keyRequired && !keyHandled) {
let keys = ["clientKey", "javascriptKey", "dotNetKey", "restAPIKey"];
// We do it with mismatching keys to support no-keys config
var keyMismatch = keys.reduce(function(mismatch, key){
// check the info key
// increment the mismatch if different
if (info[key] !== req.config[key]) {
mismatch++;
}
return mismatch;
}, 0);
// All keys mismatch
if (keyMismatch == keys.length) {
return invalidRequest(req, res);
}