anything-llm/collector/middleware/verifyIntegrity.js
Timothy Carambat f4088d9348
RSA-Signing on server<->collector communication via API (#1005)
* WIP integrity check between processes

* Implement integrity checking on document processor payloads
2024-04-01 13:56:35 -07:00

21 lines
685 B
JavaScript

const { CommunicationKey } = require("../utils/comKey");
function verifyPayloadIntegrity(request, response, next) {
const comKey = new CommunicationKey();
if (process.env.NODE_ENV === "development") {
comKey.log('verifyPayloadIntegrity is skipped in development.')
next();
return;
}
const signature = request.header("X-Integrity");
if (!signature) return response.status(400).json({ msg: 'Failed integrity signature check.' })
const validSignedPayload = comKey.verify(signature, request.body);
if (!validSignedPayload) return response.status(400).json({ msg: 'Failed integrity signature check.' })
next();
}
module.exports = {
verifyPayloadIntegrity
}