docs: fix code error for API protection with node(express)

logto-io · Dec 13, 2023 · 6af00c3 · 6af00c3
1 parent 3536964
commit 6af00c3
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 4 deletions.
diff --git a/docs/docs/recipes/protect-your-api/fragments/_token_extract.mdx b/docs/docs/recipes/protect-your-api/fragments/_token_extract.mdx
@@ -13,11 +13,13 @@ The request should contain an `Authorization` header with a `Bearer <access_toke
 import { IncomingHttpHeaders } from 'http';
 
 const extractBearerTokenFromHeaders = ({ authorization }: IncomingHttpHeaders) => {
+  const bearerTokenIdentifier = 'Bearer'
+
   if (!authorization) {
     throw new Error({ code: 'auth.authorization_header_missing', status: 401 });
   }
 
-  if (!authorization.startsWith('Bearer')) {
+  if (!authorization.startsWith(bearerTokenIdentifier)) {
     throw new Error({ code: 'auth.authorization_token_type_not_supported', status: 401 });
   }
 

diff --git a/docs/docs/recipes/protect-your-api/node.mdx b/docs/docs/recipes/protect-your-api/node.mdx
@@ -22,11 +22,13 @@ A authorized request should contain an `Authorization` header with `Bearer <acce
 import { IncomingHttpHeaders } from 'http';
 
 const extractBearerTokenFromHeaders = ({ authorization }: IncomingHttpHeaders) => {
+  const bearerTokenIdentifier = 'Bearer'
+
   if (!authorization) {
     throw new Error({ code: 'auth.authorization_header_missing', status: 401 });
   }
 
-  if (!authorization.startsWith('Bearer')) {
+  if (!authorization.startsWith(bearerTokenIdentifier)) {
     throw new Error({ code: 'auth.authorization_token_type_not_supported', status: 401 });
   }
 

diff --git a/...ned_docs/version-1.x/docs/recipes/protect-your-api/fragments/_token_extract.mdx b/...ned_docs/version-1.x/docs/recipes/protect-your-api/fragments/_token_extract.mdx
@@ -13,11 +13,13 @@ The request should contain an `Authorization` header with a `Bearer <access_toke
 import { IncomingHttpHeaders } from 'http';
 
 const extractBearerTokenFromHeaders = ({ authorization }: IncomingHttpHeaders) => {
+  const bearerTokenIdentifier = 'Bearer'
+
   if (!authorization) {
     throw new Error({ code: 'auth.authorization_header_missing', status: 401 });
   }
 
-  if (!authorization.startsWith('Bearer')) {
+  if (!authorization.startsWith(bearerTokenIdentifier)) {
     throw new Error({ code: 'auth.authorization_token_type_not_supported', status: 401 });
   }
 

diff --git a/versioned_docs/version-1.x/docs/recipes/protect-your-api/node.mdx b/versioned_docs/version-1.x/docs/recipes/protect-your-api/node.mdx
@@ -22,11 +22,13 @@ A authorized request should contain an `Authorization` header with `Bearer <acce
 import { IncomingHttpHeaders } from 'http';
 
 const extractBearerTokenFromHeaders = ({ authorization }: IncomingHttpHeaders) => {
+  const bearerTokenIdentifier = 'Bearer'
+
   if (!authorization) {
     throw new Error({ code: 'auth.authorization_header_missing', status: 401 });
   }
 
-  if (!authorization.startsWith('Bearer')) {
+  if (!authorization.startsWith(bearerTokenIdentifier)) {
     throw new Error({ code: 'auth.authorization_token_type_not_supported', status: 401 });
   }