From 2847a95c570f225a7cf0df540d4c08d02cdc8aeb Mon Sep 17 00:00:00 2001
From: Davidson Gomes <contato@agenciadgcode.com>
Date: Mon, 12 Jun 2023 16:07:38 -0300
Subject: [PATCH] feat: expose api key in fetch instances

---
 CHANGELOG.md                             |  1 +
 Docker/.env                              |  1 +
 Dockerfile                               |  1 +
 docker-compose.yaml                      |  2 ++
 src/config/env.config.ts                 |  3 +++
 src/dev-env.yml                          |  2 ++
 src/whatsapp/services/monitor.service.ts | 17 ++++++++++++++++-
 7 files changed, 26 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 9366295d..4bbe2265 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -11,6 +11,7 @@
 * Route to update group description
 * Route to accept invite code
 * Added configuration of events by webhook of instances
+* Now the api key can be exposed in fetch instances if the EXPOSE_IN_FETCH_INSTANCES variable is set to true
 
 ### Fixed
 
diff --git a/Docker/.env b/Docker/.env
index 77ce7ae4..0de30fe3 100644
--- a/Docker/.env
+++ b/Docker/.env
@@ -70,6 +70,7 @@ AUTHENTICATION_TYPE='jwt' # or 'apikey'
 ## Define a global apikey to access all instances.
 ### OBS: This key must be inserted in the request header to create an instance.
 AUTHENTICATION_API_KEY='t8OOEeISKzpmc3jjcMqBWYSaJsafdefer'
+AUTHENTICATION_EXPOSE_IN_FETCH_INSTANCES=true
 ## Set the secret key to encrypt and decrypt your token and its expiration time
 AUTHENTICATION_JWT_EXPIRIN_IN=3600 # seconds - 3600s ===1h | zero (0) - never expires
 AUTHENTICATION_JWT_SECRET='L0YWtjb2w554WFqPG'
diff --git a/Dockerfile b/Dockerfile
index b9f3ef60..f215b72e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -73,6 +73,7 @@ ENV QRCODE_LIMIT=$QRCODE_LIMIT
 ENV AUTHENTICATION_TYPE=$AUTHENTICATION_TYPE
 
 ENV AUTHENTICATION_API_KEY=$AUTHENTICATION_API_KEY
+ENV AUTHENTICATION_EXPOSE_IN_FETCH_INSTANCES=$AUTHENTICATION_EXPOSE_IN_FETCH_INSTANCES
 
 ENV AUTHENTICATION_JWT_EXPIRIN_IN=$AUTHENTICATION_JWT_EXPIRIN_IN
 ENV AUTHENTICATION_JWT_SECRET="L=0YWt]b2w[WF>#>:&E`"
diff --git a/docker-compose.yaml b/docker-compose.yaml
index be4b3495..8b03fdcb 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -75,6 +75,8 @@ services:
       # Define a global apikey to access all instances
       # OBS: This key must be inserted in the request header to create an instance.
       - AUTHENTICATION_API_KEY=B6D711FCDE4D4FD5936544120E713976
+      # Expose the api key on return from fetch instances
+      - AUTHENTICATION_EXPOSE_IN_FETCH_INSTANCES=true
       # Set the secret key to encrypt and decrypt your token and its expiration time.
       - AUTHENTICATION_JWT_EXPIRIN_IN=0 # seconds - 3600s === 1h | zero (0) - never expires
       # Set the instance name and webhook url to create an instance in init the application
diff --git a/src/config/env.config.ts b/src/config/env.config.ts
index dd8e44eb..4ad28089 100644
--- a/src/config/env.config.ts
+++ b/src/config/env.config.ts
@@ -82,6 +82,7 @@ export type Instance = {
 };
 export type Auth = {
   API_KEY: ApiKey;
+  EXPOSE_IN_FETCH_INSTANCES: boolean;
   JWT: Jwt;
   TYPE: 'jwt' | 'apikey';
   INSTANCE: Instance;
@@ -234,6 +235,8 @@ export class ConfigService {
         API_KEY: {
           KEY: process.env.AUTHENTICATION_API_KEY,
         },
+        EXPOSE_IN_FETCH_INSTANCES:
+          process.env?.AUTHENTICATION_EXPOSE_IN_FETCH_INSTANCES === 'true',
         JWT: {
           EXPIRIN_IN: Number.isInteger(process.env?.AUTHENTICATION_JWT_EXPIRIN_IN)
             ? Number.parseInt(process.env.AUTHENTICATION_JWT_EXPIRIN_IN)
diff --git a/src/dev-env.yml b/src/dev-env.yml
index d414c500..b62b0532 100644
--- a/src/dev-env.yml
+++ b/src/dev-env.yml
@@ -118,6 +118,8 @@ AUTHENTICATION:
   API_KEY:
     # OBS: This key must be inserted in the request header to create an instance.
     KEY: B6D711FC-DE4D-4FD5-9365-44120E713976
+  # Expose the api key on return from fetch instances
+  EXPOSE_IN_FETCH_INSTANCES: true
   # Set the secret key to encrypt and decrypt your token and its expiration time.
   JWT:
     EXPIRIN_IN: 0 # seconds - 3600s === 1h | zero (0) - never expires
diff --git a/src/whatsapp/services/monitor.service.ts b/src/whatsapp/services/monitor.service.ts
index 3f83cfad..fcf8f01c 100644
--- a/src/whatsapp/services/monitor.service.ts
+++ b/src/whatsapp/services/monitor.service.ts
@@ -4,7 +4,13 @@ import { INSTANCE_DIR } from '../../config/path.config';
 import EventEmitter2 from 'eventemitter2';
 import { join } from 'path';
 import { Logger } from '../../config/logger.config';
-import { ConfigService, Database, DelInstance, Redis } from '../../config/env.config';
+import {
+  Auth,
+  ConfigService,
+  Database,
+  DelInstance,
+  Redis,
+} from '../../config/env.config';
 import { RepositoryBroker } from '../repository/repository.manager';
 import { NotFoundException } from '../../exceptions';
 import { Db } from 'mongodb';
@@ -62,6 +68,14 @@ export class WAMonitoringService {
     for await (const [key, value] of Object.entries(this.waInstances)) {
       if (value) {
         if (value.connectionStatus.state === 'open') {
+          let apikey: string;
+          if (this.configService.get<Auth>('AUTHENTICATION').EXPOSE_IN_FETCH_INSTANCES) {
+            const tokenStore = await this.repository.auth.find(key);
+            apikey = tokenStore.apikey || '';
+          } else {
+            apikey = '';
+          }
+
           instances.push({
             instance: {
               instanceName: key,
@@ -69,6 +83,7 @@ export class WAMonitoringService {
               profileName: (await value.getProfileName()) || 'not loaded',
               profilePictureUrl: value.profilePictureUrl,
               status: (await value.getProfileStatus()) || '',
+              apikey,
             },
           });
         } else {