srizan/hctv
1
0
Fork 0
mirror of https://github.com/SrIzan10/hctv.git synced 2026-06-06 00:56:56 +00:00
Code Issues Packages Projects Releases 5 Wiki Activity

fix: ensure scheme is correct

Browse Source 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
This commit is contained in:
SrIzan10
2026-03-13 08:52:20 +01:00
committed by GitHub
parent f31f74eb1a
commit 1e5416f4b6
1 changed files with 27 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
apps/web/src/app/api/metrics/route.ts
View File

@@ -21,19 +21,38 @@ export async function GET(req: NextRequest) {
// source: https://vancelucas.com/blog/how-to-add-http-basic-auth-to-next-js/
function isAuthenticated(req: NextRequest) {
const authheader = req.headers.get('authorization') || req.headers.get('Authorization');
const authheader = req.headers.get('authorization') ?? req.headers.get('Authorization');
if (!authheader) {
return false;
}
const auth = Buffer.from(authheader.split(' ')[1], 'base64').toString().split(':');
const user = auth[0];
const pass = auth[1];
if (user == process.env.METRICS_USER && pass == process.env.METRICS_PASS) {
return true;
} else {
const parts = authheader.split(' ');
if (parts.length !== 2) {
return false;
}
const scheme = parts[0];
const encoded = parts[1];
if (scheme !== 'Basic' || !encoded) {
return false;
}
let decoded: string;
try {
decoded = Buffer.from(encoded, 'base64').toString();
} catch {
return false;
}
const separatorIndex = decoded.indexOf(':');
if (separatorIndex === -1) {
return false;
}
const user = decoded.substring(0, separatorIndex);
const pass = decoded.substring(separatorIndex + 1);
return user === process.env.METRICS_USER && pass === process.env.METRICS_PASS;
}