-
Hello everyone, the existing documentation on Cron Jobs with Github Actions is missing an example on how to securely trigger API routes with proper authorization. I suggest adding a short example to the docs, as I did in nextjs-cron |
Beta Was this translation helpful? Give feedback.
Answered by
jsjoeio
Jul 20, 2021
Replies: 1 comment 3 replies
-
You should post your answer here - that would have saved me some time 😂 Guess I'll post mine. import { NextApiRequest, NextApiResponse } from "next"
export default async function handler(
req: NextApiRequest,
res: NextApiResponse
) {
if (req.method === "POST") {
try {
const { authorization } = req.headers
if (authorization === `Bearer ${process.env.API_SECRET_KEY}`) {
res.status(200).json({ success: true })
} else {
res.status(401).json({ success: false })
}
} catch (err) {
res.status(500).json({ statusCode: 500, message: err.message })
}
} else {
res.setHeader("Allow", "POST")
res.status(405).end("Method Not Allowed")
}
} To test it, run: curl --request POST \
--url 'http://localhost:3000/api/<endpoint>' \
--header 'Authorization: Bearer API_SECRET_KEY' |
Beta Was this translation helpful? Give feedback.
3 replies
Answer selected by
leerob
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
You should post your answer here - that would have saved me some time 😂 Guess I'll post mine.