fp/packages/link2cid/src/middleware/auth.js

module.exports.authenticate = function authenticate(req, res, next) {
    const bearerToken = req.headers?.authorization.split(' ').at(1);
    if (!bearerToken) {
        const msg = `authorization bearer token was missing from request headers`;
        console.error(msg);
        return res.status(401).json({ error: true, message: msg });
    }
    if (bearerToken !== process.env.API_KEY) {
        const msg = 'INCORRECT API_KEY (wrong token)';
        console.error(msg);
        return res.status(403).json({ error: true, message: msg });
    } else {
        next();
    }
}