From 40112d583dc943fa8f7567802aaafd0145b37eeb Mon Sep 17 00:00:00 2001
From: Fred Liang <info@fredliang.cn>
Date: Mon, 25 Dec 2023 04:07:35 +0800
Subject: [PATCH] fix: fix issue
 https://github.com/ChatGPTNextWeb/ChatGPT-Next-Web/issues/3616

---
 app/api/auth.ts                   | 13 +++++--------
 app/api/google/[...path]/route.ts | 13 +++++++++++++
 2 files changed, 18 insertions(+), 8 deletions(-)

diff --git a/app/api/auth.ts b/app/api/auth.ts
index 043ad0d314a..ed2b67271c0 100644
--- a/app/api/auth.ts
+++ b/app/api/auth.ts
@@ -16,11 +16,11 @@ function getIP(req: NextRequest) {
 
 function parseApiKey(bearToken: string) {
   const token = bearToken.trim().replaceAll("Bearer ", "").trim();
-  const isOpenAiKey = !token.startsWith(ACCESS_CODE_PREFIX);
+  const isApiKey = !token.startsWith(ACCESS_CODE_PREFIX);
 
   return {
-    accessCode: isOpenAiKey ? "" : token.slice(ACCESS_CODE_PREFIX.length),
-    apiKey: isOpenAiKey ? token : "",
+    accessCode: isApiKey ? "" : token.slice(ACCESS_CODE_PREFIX.length),
+    apiKey: isApiKey ? token : "",
   };
 }
 
@@ -49,7 +49,7 @@ export function auth(req: NextRequest) {
   if (serverConfig.hideUserApiKey && !!apiKey) {
     return {
       error: true,
-      msg: "you are not allowed to access openai with your own api key",
+      msg: "you are not allowed to access with your own api key",
     };
   }
 
@@ -64,10 +64,7 @@ export function auth(req: NextRequest) {
 
     if (systemApiKey) {
       console.log("[Auth] use system api key");
-      req.headers.set(
-        "Authorization",
-        `Bearer ${systemApiKey}`,
-      );
+      req.headers.set("Authorization", `Bearer ${systemApiKey}`);
     } else {
       console.log("[Auth] admin did not provide an api key");
     }
diff --git a/app/api/google/[...path]/route.ts b/app/api/google/[...path]/route.ts
index 21755678477..28b9822a5c0 100644
--- a/app/api/google/[...path]/route.ts
+++ b/app/api/google/[...path]/route.ts
@@ -39,9 +39,22 @@ async function handle(
     10 * 60 * 1000,
   );
 
+  const authResult = auth(req);
+  if (authResult.error) {
+    return NextResponse.json(authResult, {
+      status: 401,
+    });
+  }
+
   const bearToken = req.headers.get("Authorization") ?? "";
   const token = bearToken.trim().replaceAll("Bearer ", "").trim();
 
+  console.log(
+    bearToken,
+    serverConfig.googleApiKey,
+    token ? token : serverConfig.googleApiKey,
+  );
+
   const key = token ? token : serverConfig.googleApiKey;
   if (!key) {
     return NextResponse.json(