26 lines
538 B
TypeScript
26 lines
538 B
TypeScript
export default defineEventHandler((event) => {
|
|
const path = event.path || event.node.req.url || ""
|
|
|
|
if (path.startsWith("/api/")) {
|
|
return
|
|
}
|
|
|
|
const runtimeConfig = useRuntimeConfig(event)
|
|
const expectedToken = runtimeConfig.apiSecretKey
|
|
|
|
if (!expectedToken) {
|
|
return
|
|
}
|
|
|
|
if (getCookie(event, "api_auth_token") === expectedToken) {
|
|
return
|
|
}
|
|
|
|
setCookie(event, "api_auth_token", expectedToken, {
|
|
httpOnly: true,
|
|
sameSite: "lax",
|
|
secure: process.env.NODE_ENV === "production",
|
|
path: "/"
|
|
})
|
|
})
|