From 4c8db66d58dd588aee7a6ebfcdbe037eee225612 Mon Sep 17 00:00:00 2001
From: Carlos Santos <4a.santos@gmail.com>
Date: Fri, 11 Apr 2025 12:29:45 +0200
Subject: [PATCH] backend: Add API key header constant and update middleware to
 use it

---
 backend/src/environment.ts                 | 3 +++
 backend/src/middlewares/auth.middleware.ts | 3 ++-
 backend/tests/utils/helpers.ts             | 5 ++---
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/backend/src/environment.ts b/backend/src/environment.ts
index b4d472e..4017de9 100644
--- a/backend/src/environment.ts
+++ b/backend/src/environment.ts
@@ -72,6 +72,9 @@ export const PARTICIPANT_TOKEN_COOKIE_NAME = 'OvMeetParticipantToken';
 export const ACCESS_TOKEN_COOKIE_NAME = 'OvMeetAccessToken';
 export const REFRESH_TOKEN_COOKIE_NAME = 'OvMeetRefreshToken';
 
+// Headers for API requests
+export const API_KEY_HEADER = 'X-API-KEY';
+
 // Fixed usernames
 export const MEET_ANONYMOUS_USER = 'anonymous';
 export const MEET_API_USER = 'api-user';
diff --git a/backend/src/middlewares/auth.middleware.ts b/backend/src/middlewares/auth.middleware.ts
index fc2dd8f..dd27f00 100644
--- a/backend/src/middlewares/auth.middleware.ts
+++ b/backend/src/middlewares/auth.middleware.ts
@@ -2,6 +2,7 @@ import { NextFunction, Request, RequestHandler, Response } from 'express';
 import { LoggerService, TokenService, UserService } from '../services/index.js';
 import {
 	ACCESS_TOKEN_COOKIE_NAME,
+	API_KEY_HEADER,
 	MEET_ANONYMOUS_USER,
 	MEET_API_KEY,
 	MEET_API_USER,
@@ -110,7 +111,7 @@ export const participantTokenValidator = async (req: Request) => {
 
 // Configure API key validatior
 export const apiKeyValidator = async (req: Request) => {
-	const apiKey = req.headers['x-api-key'];
+	const apiKey = req.headers[API_KEY_HEADER];
 
 	if (!apiKey) {
 		throw errorUnauthorized();
diff --git a/backend/tests/utils/helpers.ts b/backend/tests/utils/helpers.ts
index 420cbf8..be8cd5f 100644
--- a/backend/tests/utils/helpers.ts
+++ b/backend/tests/utils/helpers.ts
@@ -11,13 +11,12 @@ import {
 	MEET_USER,
 	MEET_SECRET,
 	MEET_ADMIN_USER,
-	MEET_ADMIN_SECRET
+	MEET_ADMIN_SECRET,
+	API_KEY_HEADER
 } from '../../src/environment.js';
 import { AuthMode, AuthType, MeetRoom, UserRole, MeetRoomOptions } from '../../src/typings/ce/index.js';
 import { expect } from '@jest/globals';
 
-export const API_KEY_HEADER = 'X-API-Key';
-
 const CREDENTIALS = {
 	user: {
 		username: MEET_USER,