From a14c75288e07ff199a776f0d6c3d46881112a0d7 Mon Sep 17 00:00:00 2001
From: Ford <ford@thegraph.com>
Date: Tue, 14 May 2024 17:33:15 -0700
Subject: [PATCH] service: Align /network path auth with /subgraph path auth

- Require the 'bearer' string in authorization header on /network path
---
 packages/indexer-service/src/server/index.ts | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/packages/indexer-service/src/server/index.ts b/packages/indexer-service/src/server/index.ts
index 5ab3fb3d4..8e5d5ef00 100644
--- a/packages/indexer-service/src/server/index.ts
+++ b/packages/indexer-service/src/server/index.ts
@@ -218,9 +218,14 @@ export const createApp = async ({
         try {
           logger.info(`Handle network subgraph query`)
 
+          let networkSubgraphAuthValue: string | undefined
+          if (networkSubgraphAuthToken) {
+            networkSubgraphAuthValue = `Bearer ${networkSubgraphAuthToken}`
+          }
+
           if (
-            networkSubgraphAuthToken &&
-            req.headers['authorization'] !== networkSubgraphAuthToken
+            networkSubgraphAuthValue &&
+            req.headers['authorization'] !== networkSubgraphAuthValue
           ) {
             throw new Error(`Invalid auth token`)
           }