Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

FEAT: add API Key to access some APIs #132

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

madjiebimaa
Copy link
Contributor

Closes #34

Description

Add the API key to the env variable, make sure the Server (by default can read) and Client can read that env variable, and create a middleware so that the function can run on specific or whole APIs (for initialization the function will be run on the /api/private/question/*).

Current Tasks

  • Add new env API_KEY
  • Passing the key in the header request
  • Read the key, make sure it's match with our env value
  • I can rotate the value when abuse happens, ideally it happened in the runtime, but if it's hard then we can trigger deployment

Asks

  • I don't really understand how to implement the last part mas, and I'm just wondering what the conditions are for someone to abuse our API?

@vercel
Copy link

vercel bot commented Oct 24, 2023

Someone is attempting to deploy a commit to a Personal Account owned by @mazipan on Vercel.

@mazipan first needs to authorize it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Adding API Key to access some Apis
1 participant