From 26e90c6ea9b405bfc5c8d5a6fa85b6501f5ca881 Mon Sep 17 00:00:00 2001
From: Henrriky <henrriky.bastos@hittelco.com>
Date: Tue, 12 Mar 2024 17:07:41 -0300
Subject: [PATCH] feat: add middleware to verify token (API KEY) send by
 horacius system

---
 backend/src/middleware/verifyAPIKey.ts | 23 +++++++++++++++++++++++
 1 file changed, 23 insertions(+)
 create mode 100644 backend/src/middleware/verifyAPIKey.ts

diff --git a/backend/src/middleware/verifyAPIKey.ts b/backend/src/middleware/verifyAPIKey.ts
new file mode 100644
index 0000000..5df8481
--- /dev/null
+++ b/backend/src/middleware/verifyAPIKey.ts
@@ -0,0 +1,23 @@
+import { Request, Response, NextFunction } from "express";
+import AppError from "../errors/AppError";
+const verifyAPIKey = (req: Request, res: Response, next: NextFunction): void => {
+  const authHeader = req.headers.authorization; 
+
+  if (!authHeader) {
+    throw new AppError("ERR_SESSION_EXPIRED", 401);
+  }
+
+  const [, token] = authHeader.split(" ");  
+
+  const apiKeyIsValid = token === process.env.TOKEN_REMOTE_TICKET_CREATION
+  if (!apiKeyIsValid) {
+    throw new AppError(
+      "Invalid token",
+      401
+    );
+  }
+
+  return next();
+};
+
+export default verifyAPIKey;