CodeCow/stack
1
0
Fork 0
mirror of https://github.com/stack-auth/stack.git synced 2026-06-04 21:04:37 +08:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Update API key regex
Some checks failed
all-good: Did all the other checks pass? / all-good (push) Has been cancelled
Details
Ensure Prisma migrations are in sync with the schema / check_prisma_migrations (22.x) (push) Has been cancelled
Details
Docker Emulator Test / docker (push) Has been cancelled
Details
Docker Server Build and Push / Docker Build and Push Server (push) Has been cancelled
Details
Docker Server Test / docker (push) Has been cancelled
Details
Runs E2E API Tests / build (22.x) (push) Has been cancelled
Details
Lint & build / lint_and_build (latest) (push) Has been cancelled
Details
Preview Docs / run (push) Has been cancelled
Details
Dev Environment Test / restart-dev-and-test (push) Has been cancelled
Details
Run setup tests / setup-tests (push) Has been cancelled
Details
TOC Generator / TOC Generator (push) Has been cancelled
Details

Browse Source
This commit is contained in:
Konstantin Wohlwend 2025-04-07 18:08:26 -07:00
parent a7679f862e
commit 7df6191dc4
2 changed files with 12 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.vscode/settings.json vendored
View File

@ -11,6 +11,7 @@
"backlinks",
"Cancelation",
"Cdfc",
"checksummable",
"chinthakagodawita",
"cjsx",
"clsx",

21
packages/stack-shared/src/utils/api-keys.tsx
View File

@ -11,7 +11,8 @@ const API_KEY_LENGTHS = {
SECRET_PART: 45,
ID_PART: 32,
TYPE_PART: 4,
SCANNER_AND_MARKER: 10,
SCANNER: 1,
MARKER: 9,
CHECKSUM: 8,
} as const;
@ -59,12 +60,13 @@ function createApiKeyParts(options: Pick<ProjectApiKey, "id" | "isPublic" | "isC
function parseApiKeyParts(secret: string) {
const regex = new RegExp(
`^([^_]+)_` + // prefix
`(.{${API_KEY_LENGTHS.SECRET_PART}})` + // secretPart
`(.{${API_KEY_LENGTHS.ID_PART}})` + // idPart
`(.{${API_KEY_LENGTHS.TYPE_PART}})` + // type
`(.{${API_KEY_LENGTHS.SCANNER_AND_MARKER}})` + // scannerAndMarker
`(.{${API_KEY_LENGTHS.CHECKSUM}})$` // checksum
`^([a-zA-Z0-9_]+)_` + // prefix
`([a-zA-Z0-9_]{${API_KEY_LENGTHS.SECRET_PART}})` + // secretPart
`([a-zA-Z0-9_]{${API_KEY_LENGTHS.ID_PART}})` + // idPart
`([a-zA-Z0-9_]{${API_KEY_LENGTHS.TYPE_PART}})` + // type
`([a-zA-Z0-9_]{${API_KEY_LENGTHS.SCANNER}})` + // scanner
`(${STACK_AUTH_MARKER})` + // marker
`([a-zA-Z0-9_]{${API_KEY_LENGTHS.CHECKSUM}})$` // checksum
);
const match = secret.match(regex);
@ -72,13 +74,12 @@ function parseApiKeyParts(secret: string) {
throw new StackAssertionError("Invalid API key format");
}
const [, prefix, secretPart, idPart, type, scannerAndMarker, checksum] = match;
const [, prefix, secretPart, idPart, type, scannerFlag, marker, checksum] = match;
const scannerFlag = scannerAndMarker.replace(STACK_AUTH_MARKER, "");
const isCloudVersion = parseInt(scannerFlag, 32) % 2 === 0;
const isPublic = (parseInt(scannerFlag, 32) & 2) !== 0;
const checksummablePart = `${prefix}_${secretPart}${idPart}${type}${scannerAndMarker}`;
const checksummablePart = `${prefix}_${secretPart}${idPart}${type}${scannerFlag}${marker}`;
const restored_id = idPart.replace(/(.{8})(.{4})(.{4})(.{4})(.{12})/, "$1-$2-$3-$4-$5");
if (!["user", "team"].includes(type)) {