feat: expose api key in fetch instances

Author: dgcode-tec

CHANGELOG.md

@@ -11,6 +11,7 @@
 * Route to update group description
 * Route to accept invite code
 * Added configuration of events by webhook of instances
+* Now the api key can be exposed in fetch instances if the EXPOSE_IN_FETCH_INSTANCES variable is set to true
 
 ### Fixed
 

Docker/.env

@@ -70,6 +70,7 @@ AUTHENTICATION_TYPE='jwt' # or 'apikey'
 ## Define a global apikey to access all instances.
 ### OBS: This key must be inserted in the request header to create an instance.
 AUTHENTICATION_API_KEY='t8OOEeISKzpmc3jjcMqBWYSaJsafdefer'
+AUTHENTICATION_EXPOSE_IN_FETCH_INSTANCES=true
 ## Set the secret key to encrypt and decrypt your token and its expiration time
 AUTHENTICATION_JWT_EXPIRIN_IN=3600 # seconds - 3600s ===1h | zero (0) - never expires
 AUTHENTICATION_JWT_SECRET='L0YWtjb2w554WFqPG'

Dockerfile

@@ -73,6 +73,7 @@ ENV QRCODE_LIMIT=$QRCODE_LIMIT
 ENV AUTHENTICATION_TYPE=$AUTHENTICATION_TYPE
 
 ENV AUTHENTICATION_API_KEY=$AUTHENTICATION_API_KEY
+ENV AUTHENTICATION_EXPOSE_IN_FETCH_INSTANCES=$AUTHENTICATION_EXPOSE_IN_FETCH_INSTANCES
 
 ENV AUTHENTICATION_JWT_EXPIRIN_IN=$AUTHENTICATION_JWT_EXPIRIN_IN
 ENV AUTHENTICATION_JWT_SECRET="L=0YWt]b2w[WF>#>:&E`"

docker-compose.yaml

@@ -75,6 +75,8 @@ services:
       # Define a global apikey to access all instances
       # OBS: This key must be inserted in the request header to create an instance.
       - AUTHENTICATION_API_KEY=B6D711FCDE4D4FD5936544120E713976
+      # Expose the api key on return from fetch instances
+      - AUTHENTICATION_EXPOSE_IN_FETCH_INSTANCES=true
       # Set the secret key to encrypt and decrypt your token and its expiration time.
       - AUTHENTICATION_JWT_EXPIRIN_IN=0 # seconds - 3600s === 1h | zero (0) - never expires
       # Set the instance name and webhook url to create an instance in init the application

src/config/env.config.ts

@@ -82,6 +82,7 @@ export type Instance = {
 };
 export type Auth = {
   API_KEY: ApiKey;
+  EXPOSE_IN_FETCH_INSTANCES: boolean;
   JWT: Jwt;
   TYPE: 'jwt' | 'apikey';
   INSTANCE: Instance;
@@ -234,6 +235,8 @@ export class ConfigService {
         API_KEY: {
           KEY: process.env.AUTHENTICATION_API_KEY,
         },
+        EXPOSE_IN_FETCH_INSTANCES:
+          process.env?.AUTHENTICATION_EXPOSE_IN_FETCH_INSTANCES === 'true',
         JWT: {
           EXPIRIN_IN: Number.isInteger(process.env?.AUTHENTICATION_JWT_EXPIRIN_IN)
             ? Number.parseInt(process.env.AUTHENTICATION_JWT_EXPIRIN_IN)

src/dev-env.yml

@@ -118,6 +118,8 @@ AUTHENTICATION:
   API_KEY:
     # OBS: This key must be inserted in the request header to create an instance.
     KEY: B6D711FC-DE4D-4FD5-9365-44120E713976
+  # Expose the api key on return from fetch instances
+  EXPOSE_IN_FETCH_INSTANCES: true
   # Set the secret key to encrypt and decrypt your token and its expiration time.
   JWT:
     EXPIRIN_IN: 0 # seconds - 3600s === 1h | zero (0) - never expires

src/whatsapp/services/monitor.service.ts

@@ -4,7 +4,13 @@ import { INSTANCE_DIR } from '../../config/path.config';
 import EventEmitter2 from 'eventemitter2';
 import { join } from 'path';
 import { Logger } from '../../config/logger.config';
-import { ConfigService, Database, DelInstance, Redis } from '../../config/env.config';
+import {
+  Auth,
+  ConfigService,
+  Database,
+  DelInstance,
+  Redis,
+} from '../../config/env.config';
 import { RepositoryBroker } from '../repository/repository.manager';
 import { NotFoundException } from '../../exceptions';
 import { Db } from 'mongodb';
@@ -62,13 +68,22 @@ export class WAMonitoringService {
     for await (const [key, value] of Object.entries(this.waInstances)) {
       if (value) {
         if (value.connectionStatus.state === 'open') {
+          let apikey: string;
+          if (this.configService.get<Auth>('AUTHENTICATION').EXPOSE_IN_FETCH_INSTANCES) {
+            const tokenStore = await this.repository.auth.find(key);
+            apikey = tokenStore.apikey || '';
+          } else {
+            apikey = '';
+          }
+
           instances.push({
             instance: {
               instanceName: key,
               owner: value.wuid,
               profileName: (await value.getProfileName()) || 'not loaded',
               profilePictureUrl: value.profilePictureUrl,
               status: (await value.getProfileStatus()) || '',
+              apikey,
             },
           });
         } else {