refactor: Update x-api-key

tjtanjin · tjtanjin · commit 2189b48b8294 · 2025-06-09T23:46:28.000+08:00
diff --git a/README.md b/README.md
@@ -163,7 +163,7 @@ These endpoints proxy requests to external LLM providers.
 #### RAG API Endpoints
 
 ##### Management Endpoints
-These endpoints are used to manage documents in the RAG system. **They are protected and require an `X-API-Key` header matching the `RAG_MANAGEMENT_API_KEY` defined in your `.env` file.**
+These endpoints are used to manage documents in the RAG system. **They are protected and require an `X-API-KEY` header matching the `RAG_MANAGEMENT_API_KEY` defined in your `.env` file.**
 
 -   **`POST /rag/manage/documents`**
     *   Uploads a Markdown document.
@@ -210,7 +210,7 @@ The default port `8080` is used in these examples.
 
 1.  **Upload a document:**
     ```bash
-    curl -X POST -H "X-API-Key: your_secure_api_key_here" \
+    curl -X POST -H "X-API-KEY: your_secure_api_key_here" \
          -F "documentId=my_test_doc_01" \
          -F "markdownFile=@/path/to/your/document.md" \
          http://localhost:8080/api/v1/rag/manage/documents
@@ -237,13 +237,13 @@ The default port `8080` is used in these examples.
 
 3.  **Get a document's content:**
     ```bash
-    curl -X GET -H "X-API-Key: your_secure_api_key_here" \
+    curl -X GET -H "X-API-KEY: your_secure_api_key_here" \
          http://localhost:8080/api/v1/rag/manage/documents/my_test_doc_01
     ```
 
 4.  **Delete a document:**
     ```bash
-    curl -X DELETE -H "X-API-Key: your_secure_api_key_here" \
+    curl -X DELETE -H "X-API-KEY: your_secure_api_key_here" \
          http://localhost:8080/api/v1/rag/manage/documents/my_test_doc_01
     ```
 
diff --git a/src/middleware/__tests__/auth.test.ts b/src/middleware/__tests__/auth.test.ts
@@ -32,7 +32,7 @@ describe('API Key Authentication Middleware (apiKeyAuth)', () => {
   });
 
   it('should call next() if API key is valid', () => {
-    const req = mockRequest({ 'X-API-Key': 'test-api-key' }) as Request;
+    const req = mockRequest({ 'X-API-KEY': 'test-api-key' }) as Request;
     const res = mockResponse() as Response;
 
     apiKeyAuth(req, res, mockNextFunction);
@@ -43,7 +43,7 @@ describe('API Key Authentication Middleware (apiKeyAuth)', () => {
   });
 
   it('should return 401 if API key is missing', () => {
-    const req = mockRequest({}) as Request; // No X-API-Key header
+    const req = mockRequest({}) as Request; // No X-API-KEY header
     const res = mockResponse() as Response;
 
     apiKeyAuth(req, res, mockNextFunction);
@@ -54,7 +54,7 @@ describe('API Key Authentication Middleware (apiKeyAuth)', () => {
   });
 
   it('should return 401 if API key is invalid', () => {
-    const req = mockRequest({ 'X-API-Key': 'invalid-api-key' }) as Request;
+    const req = mockRequest({ 'X-API-KEY': 'invalid-api-key' }) as Request;
     const res = mockResponse() as Response;
 
     apiKeyAuth(req, res, mockNextFunction);
@@ -66,7 +66,7 @@ describe('API Key Authentication Middleware (apiKeyAuth)', () => {
 
   it('should return 500 if RAG API key is not configured on the server (empty string)', () => {
     (config as any).ragApiKey = ''; // Simulate not configured (empty string)
-    const req = mockRequest({ 'X-API-Key': 'any-key' }) as Request;
+    const req = mockRequest({ 'X-API-KEY': 'any-key' }) as Request;
     const res = mockResponse() as Response;
 
     apiKeyAuth(req, res, mockNextFunction);
@@ -80,7 +80,7 @@ describe('API Key Authentication Middleware (apiKeyAuth)', () => {
 
   it('should return 500 if RAG API key is not configured on the server (undefined)', () => {
     (config as any).ragApiKey = undefined; // Simulate not configured (undefined)
-    const req = mockRequest({ 'X-API-Key': 'any-key' }) as Request;
+    const req = mockRequest({ 'X-API-KEY': 'any-key' }) as Request;
     const res = mockResponse() as Response;
 
     apiKeyAuth(req, res, mockNextFunction);
diff --git a/src/middleware/auth.ts b/src/middleware/auth.ts
@@ -3,7 +3,7 @@ import { NextFunction, Request, Response } from 'express';
 import { config } from '../config';
 
 export const apiKeyAuth = (req: Request, res: Response, next: NextFunction) => {
-  const apiKey = req.header('X-API-Key');
+  const apiKey = req.header('X-API-KEY');
 
   if (!config.ragApiKey || config.ragApiKey.trim() === '') {
     console.error('RAG API Key not configured. Denying access.');
@@ -22,7 +22,7 @@ export const apiKeyAuth = (req: Request, res: Response, next: NextFunction) => {
 };
 
 export const queryApiKeyAuth = (req: Request, res: Response, next: NextFunction) => {
-  const apiKey = req.header('X-API-Key');
+  const apiKey = req.header('X-API-KEY');
 
   if (!config.ragQueryApiKey || config.ragQueryApiKey.trim() === '') {
     console.error('RAG Query API Key not configured. Denying access.');
diff --git a/src/swagger.ts b/src/swagger.ts
@@ -4,7 +4,7 @@ const swaggerDocument = {
       ApiKeyAuth: {
         description: 'API Key for accessing protected endpoints.',
         in: 'header',
-        name: 'X-API-Key',
+        name: 'X-API-KEY',
         type: 'apiKey',
       },
     },
