From 6af00c32f7ea2a825cd239ea904ddc76bc7c2cb1 Mon Sep 17 00:00:00 2001
From: Xiao Hanyu <xiaohanyu1988@gmail.com>
Date: Wed, 13 Dec 2023 21:31:13 +0800
Subject: [PATCH] docs: fix code error for API protection with node(express)

---
 .../recipes/protect-your-api/fragments/_token_extract.mdx     | 4 +++-
 docs/docs/recipes/protect-your-api/node.mdx                   | 4 +++-
 .../recipes/protect-your-api/fragments/_token_extract.mdx     | 4 +++-
 .../version-1.x/docs/recipes/protect-your-api/node.mdx        | 4 +++-
 4 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/docs/docs/recipes/protect-your-api/fragments/_token_extract.mdx b/docs/docs/recipes/protect-your-api/fragments/_token_extract.mdx
index 731cf29a284..7a4afe00a21 100644
--- a/docs/docs/recipes/protect-your-api/fragments/_token_extract.mdx
+++ b/docs/docs/recipes/protect-your-api/fragments/_token_extract.mdx
@@ -13,11 +13,13 @@ The request should contain an `Authorization` header with a `Bearer <access_toke
 import { IncomingHttpHeaders } from 'http';
 
 const extractBearerTokenFromHeaders = ({ authorization }: IncomingHttpHeaders) => {
+  const bearerTokenIdentifier = 'Bearer'
+
   if (!authorization) {
     throw new Error({ code: 'auth.authorization_header_missing', status: 401 });
   }
 
-  if (!authorization.startsWith('Bearer')) {
+  if (!authorization.startsWith(bearerTokenIdentifier)) {
     throw new Error({ code: 'auth.authorization_token_type_not_supported', status: 401 });
   }
 
diff --git a/docs/docs/recipes/protect-your-api/node.mdx b/docs/docs/recipes/protect-your-api/node.mdx
index e22a514eb2a..4e743a398c2 100644
--- a/docs/docs/recipes/protect-your-api/node.mdx
+++ b/docs/docs/recipes/protect-your-api/node.mdx
@@ -22,11 +22,13 @@ A authorized request should contain an `Authorization` header with `Bearer <acce
 import { IncomingHttpHeaders } from 'http';
 
 const extractBearerTokenFromHeaders = ({ authorization }: IncomingHttpHeaders) => {
+  const bearerTokenIdentifier = 'Bearer'
+
   if (!authorization) {
     throw new Error({ code: 'auth.authorization_header_missing', status: 401 });
   }
 
-  if (!authorization.startsWith('Bearer')) {
+  if (!authorization.startsWith(bearerTokenIdentifier)) {
     throw new Error({ code: 'auth.authorization_token_type_not_supported', status: 401 });
   }
 
diff --git a/versioned_docs/version-1.x/docs/recipes/protect-your-api/fragments/_token_extract.mdx b/versioned_docs/version-1.x/docs/recipes/protect-your-api/fragments/_token_extract.mdx
index 731cf29a284..7a4afe00a21 100644
--- a/versioned_docs/version-1.x/docs/recipes/protect-your-api/fragments/_token_extract.mdx
+++ b/versioned_docs/version-1.x/docs/recipes/protect-your-api/fragments/_token_extract.mdx
@@ -13,11 +13,13 @@ The request should contain an `Authorization` header with a `Bearer <access_toke
 import { IncomingHttpHeaders } from 'http';
 
 const extractBearerTokenFromHeaders = ({ authorization }: IncomingHttpHeaders) => {
+  const bearerTokenIdentifier = 'Bearer'
+
   if (!authorization) {
     throw new Error({ code: 'auth.authorization_header_missing', status: 401 });
   }
 
-  if (!authorization.startsWith('Bearer')) {
+  if (!authorization.startsWith(bearerTokenIdentifier)) {
     throw new Error({ code: 'auth.authorization_token_type_not_supported', status: 401 });
   }
 
diff --git a/versioned_docs/version-1.x/docs/recipes/protect-your-api/node.mdx b/versioned_docs/version-1.x/docs/recipes/protect-your-api/node.mdx
index e22a514eb2a..4e743a398c2 100644
--- a/versioned_docs/version-1.x/docs/recipes/protect-your-api/node.mdx
+++ b/versioned_docs/version-1.x/docs/recipes/protect-your-api/node.mdx
@@ -22,11 +22,13 @@ A authorized request should contain an `Authorization` header with `Bearer <acce
 import { IncomingHttpHeaders } from 'http';
 
 const extractBearerTokenFromHeaders = ({ authorization }: IncomingHttpHeaders) => {
+  const bearerTokenIdentifier = 'Bearer'
+
   if (!authorization) {
     throw new Error({ code: 'auth.authorization_header_missing', status: 401 });
   }
 
-  if (!authorization.startsWith('Bearer')) {
+  if (!authorization.startsWith(bearerTokenIdentifier)) {
     throw new Error({ code: 'auth.authorization_token_type_not_supported', status: 401 });
   }