diff --git a/nodeapp/app.js b/nodeapp/app.js index b61ba4d..0180877 100644 --- a/nodeapp/app.js +++ b/nodeapp/app.js @@ -57,6 +57,11 @@ app.get('/exportall', (req, res) => { // Handle requests for /showsettings by retrieving all settings from the database and returning a JSON object app.get('/showsettings', (req, res) => { + // Check that the expected key has been included with the web request + if (!req.headers['export-key'] || req.headers['export-key'] != process.env.SECRET) { + return res.status(401).send('Authorization header not found').end(); + } + db.Settings.findAll().then((result) => { res.status(200).send(result).end(); })