@mydansun
Last active July 10, 2025 18:44
payloadcms fix
import crypto from 'crypto'
/**
 * beforeChange hook for the `apiKey` field.
 *
 * Passes a truthy value through `req.payload.encrypt` so the key is stored
 * encrypted; any falsy value (empty string, null, undefined) is stored as null.
 *
 * @param {{ req: object, value: * }} args - hook arguments; only `req.payload.encrypt` and `value` are read
 * @returns {*} the result of `req.payload.encrypt(value)`, or null when there is no value
 */
const encryptKey = ({ req, value }) => {
  if (!value) {
    return null
  }
  return req.payload.encrypt(value)
}
//const decryptKey = ({ req, value })=>value ? req.payload.decrypt(value) : undefined;
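/**
 * afterRead hook for the `apiKey` field.
 *
 * Decrypts the stored value with `req.payload.decrypt`. A decryption failure
 * is treated as "no key": the hook logs the failure and returns undefined
 * rather than letting the read fail.
 *
 * @param {{ req: object, value: * }} args - hook arguments; only `req.payload.decrypt` and `value` are read
 * @returns {*} the decrypted key, or undefined when there is no value or decryption fails
 */
const decryptKey = ({ req, value }) => {
  if (!value) {
    return undefined
  }
  try {
    return req.payload.decrypt(value)
  } catch (e) {
    // Log only the failure reason. The stored value is the encrypted API key;
    // copying it into application logs would spread credential material to
    // every system that can read those logs.
    console.log('decryptKey failed', { error: e instanceof Error ? e.message : String(e) })
    return undefined
  }
}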
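/**
 * Field definitions used for API-key authentication.
 *
 * - `enableAPIKey`: checkbox toggling API-key access.
 * - `apiKey`: the key itself; encrypted by `encryptKey` before it is written
 *   and decrypted by `decryptKey` after it is read.
 * - `apiKeyIndex`: hidden lookup value, an HMAC of the plaintext key keyed
 *   with `req.payload.secret`, recomputed in a beforeValidate hook.
 *
 * NOTE(review): `admin.components.Field: false` presumably suppresses the
 * default admin field component - confirm against the Payload version in use.
 */
export const apiKeyFields = [
  {
    name: 'enableAPIKey',
    type: 'checkbox',
    admin: {
      components: {
        Field: false,
      },
    },
    label: ({ t }) => t('authentication:enableAPIKey'),
  },
  {
    name: 'apiKey',
    type: 'text',
    admin: {
      components: {
        Field: false,
      },
    },
    hooks: {
      afterRead: [
        decryptKey,
      ],
      beforeChange: [
        encryptKey,
      ],
    },
    label: ({ t }) => t('authentication:apiKey'),
  },
  {
    name: 'apiKeyIndex',
    type: 'text',
    admin: {
      disabled: true,
    },
    hidden: true,
    hooks: {
      beforeValidate: [
        ({ data, req, value }) => {
          // An explicitly cleared key or a disabled toggle clears the index,
          // so the old key can no longer be looked up.
          if (data?.apiKey === false || data?.apiKey === null) {
            return null
          }
          if (data?.enableAPIKey === false || data?.enableAPIKey === null) {
            return null
          }
          if (data?.apiKey) {
            // data.apiKey is the plaintext credential at this point, so it must
            // never be written to logs. Only the keyed digest is stored.
            // HMAC-SHA1 is kept so existing index values stay valid; the
            // API-key strategy published with this file queries both the
            // SHA-1 and the SHA-256 index.
            return crypto.createHmac('sha1', req.payload.secret).update(data.apiKey).digest('hex')
          }
          // No key in this change: leave the current index untouched.
          return value
        },
      ],
    },
  },
]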
//# sourceMappingURL=apiKey.js.map
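#!/bin/sh
# Overwrites payload's dist/auth/baseFields/apiKey.js with the patched copy
# published in the gist.
#
# The replaced file is part of the authentication code, so whatever this
# script downloads runs inside the application. The URL below tracks the
# latest gist revision and can change after you reviewed it. To install a
# reviewed copy only:
#   - pin GIST_URL to a revision (.../raw/<REVISION_SHA>/apiKey.js), and
#   - export PAYLOAD_FIX_SHA256=<SHA256_OF_REVIEWED_FILE> before running.
set -eu

# 1. resolve the payload entry point
resolved_path=$(node -p 'require.resolve("payload")' 2>/dev/null) || {
  echo "Error: cannot resolve 'payload'. Make sure you're in the project root and 'payload' is installed." >&2
  exit 1
}

# 2. derive the dist directory
dist_dir=$(dirname "$resolved_path")
echo "Found payload dist directory: $dist_dir"

# 3. check for auth/baseFields/apiKey.js
target="$dist_dir/auth/baseFields/apiKey.js"
if [ ! -f "$target" ]; then
  echo "Error: target file not found: $target" >&2
  exit 1
fi

GIST_URL='https://gist.githubusercontent.com/mydansun/c5aaf0ba0830f7f8f233c4595e5e184f/raw/apiKey.js'
expected_sha256=${PAYLOAD_FIX_SHA256:-}

# Download to a temporary file first: a failed or interrupted transfer must
# not leave a truncated auth module in place of the original.
tmp_file=$(mktemp)
trap 'rm -f "$tmp_file"' EXIT

curl --proto '=https' --proto-redir '=https' -fsSL "$GIST_URL" -o "$tmp_file"

if [ ! -s "$tmp_file" ]; then
  echo "Error: downloaded file is empty: $GIST_URL" >&2
  exit 1
fi

if [ -n "$expected_sha256" ]; then
  if command -v sha256sum >/dev/null 2>&1; then
    actual_sha256=$(sha256sum "$tmp_file" | cut -d ' ' -f 1)
  elif command -v shasum >/dev/null 2>&1; then
    actual_sha256=$(shasum -a 256 "$tmp_file" | cut -d ' ' -f 1)
  else
    echo "Error: neither sha256sum nor shasum is available to verify the download." >&2
    exit 1
  fi
  if [ "$actual_sha256" != "$expected_sha256" ]; then
    echo "Error: checksum mismatch for $GIST_URL (expected $expected_sha256, got $actual_sha256). $target was not modified." >&2
    exit 1
  fi
else
  echo "Warning: PAYLOAD_FIX_SHA256 is not set; installing $GIST_URL without integrity verification." >&2
fi

# cp (not mv) keeps the existing file's mode and ownership.
cp "$tmp_file" "$target"

# 4. check for auth/strategies/apiKey.js
# target2="$dist_dir/auth/strategies/apiKey.js"
# if [ ! -f "$target2" ]; then
# echo "Error: target file not found: $target2" >&2
# exit 1
# fi
# GIST_URL2='https://gist.githubusercontent.com/mydansun/c5aaf0ba0830f7f8f233c4595e5e184f/raw/strategies-apiKey.js'
# curl -fsSL "$GIST_URL2" -o "$target2"
echo "Success: $target updated."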
import crypto from 'crypto'
/**
 * Builds the API-key authentication strategy for one collection.
 *
 * The returned async function reads the `Authorization` header and accepts it
 * only when it starts with "<collection slug> API-Key ". The rest of the
 * header is treated as the key. The key is never compared directly: an HMAC
 * of it (keyed with `payload.secret`) is computed with both SHA-1 and SHA-256
 * and the collection is searched for a document whose `apiKeyIndex` equals
 * either digest.
 *
 * @param {object} collectionConfig - reads `slug`, `auth.verify` and `auth.depth`
 * @returns {function({ headers: object, payload: object }): Promise<{ user: (object|null) }>}
 *   resolves to the matching document (tagged with `collection` and
 *   `_strategy`), or `{ user: null }` when the header is absent, has a
 *   different scheme, matches nothing, or the lookup throws
 */
export const APIKeyAuthentication = (collectionConfig) => async ({ headers, payload }) => {
  const headerValue = headers.get('Authorization')
  if (headerValue == null) {
    return { user: null }
  }

  const scheme = `${collectionConfig.slug} API-Key `
  if (!headerValue.startsWith(scheme)) {
    return { user: null }
  }

  // The scheme prefix is known to sit at index 0, so the key is everything after it.
  const presentedKey = headerValue.slice(scheme.length)
  const indexFor = (algorithm) =>
    crypto.createHmac(algorithm, payload.secret).update(presentedKey).digest('hex')

  // Both digests are queried so documents indexed with either algorithm match.
  const indexMatches = ['sha1', 'sha256'].map((algorithm) => ({
    apiKeyIndex: {
      equals: indexFor(algorithm),
    },
  }))

  try {
    // When the collection uses verification, documents with `_verified: false`
    // are excluded from the match.
    const where = collectionConfig.auth?.verify
      ? {
          and: [
            { or: indexMatches },
            { _verified: { not_equals: false } },
          ],
        }
      : { or: indexMatches }

    // overrideAccess: true skips collection access control for this lookup;
    // the apiKeyIndex match is the only thing gating which document comes back.
    const found = await payload.find({
      collection: collectionConfig.slug,
      depth: collectionConfig.auth.depth,
      limit: 1,
      overrideAccess: true,
      pagination: false,
      where,
    })

    if (found.docs?.length > 0) {
      const user = found.docs[0]
      user.collection = collectionConfig.slug
      user._strategy = 'api-key'
      return { user }
    }
  } catch (ignore) {
    // Any lookup error fails closed as "not authenticated". The error itself
    // is discarded, so a backend failure looks the same as an unknown key.
    return { user: null }
  }

  return { user: null }
}
//# sourceMappingURL=apiKey.js.map