Open
Description
The current implementation of the key strategy for passport makes it hard to rotate the CLAY_ACCESS_TOKEN. As a start, could the key.js strategy fall back to also checking a previous token? (We'd have to define that all the way through.) For example:
diff --git a/strategies/key.js b/strategies/key.js
index d6b0d23..a74636a 100644
--- a/strategies/key.js
+++ b/strategies/key.js
@@ -10,7 +10,8 @@ const passport = require('passport'),
* @param {function} done
*/
function apiCallback(apikey, done) {
- if (apikey === process.env.CLAY_ACCESS_KEY) {
+ if (apikey === process.env.CLAY_ACCESS_KEY ||
+ apikey === process.env.PREVIOUS_CLAY_ACCESS_KEY) {
// If we're using an API Key then we're assuming the user is
// has admin privileges by defining the auth level in the next line
done(null, { provider: 'apikey', auth: 'admin' });
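Review bot: The added `apikey === process.env.PREVIOUS_CLAY_ACCESS_KEY` comparison is true when both sides are undefined, and outside a rotation window that variable will normally be unset, so any call that reaches apiCallback without a key would be given `auth: 'admin'`; whether the strategy can invoke the callback with an undefined key is not visible in this hunk. Accept only keys that are configured as non-empty strings, and compare them in constant time rather than with `===`, since this value is the sole check for admin access. The sketch below assumes `crypto` is required at the top of strategies/key.js, outside this hunk; the body of apiCallback also continues past the last line shown.

```javascript
function apiCallback(apikey, done) {
  // Only keys that are actually configured take part; an unset variable must never match.
  const acceptedKeys = [process.env.CLAY_ACCESS_KEY, process.env.PREVIOUS_CLAY_ACCESS_KEY]
    .filter((key) => typeof key === 'string' && key.length > 0);
  // Hash both sides so timingSafeEqual always receives buffers of equal length.
  const digest = (value) => crypto.createHash('sha256').update(value).digest();
  const isKnownKey = typeof apikey === 'string' &&
    acceptedKeys.some((key) => crypto.timingSafeEqual(digest(apikey), digest(key)));

  if (isKnownKey) {
    // … unchanged: done(null, { provider: 'apikey', auth: 'admin' }) …
```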