I have a self-hosted Ghost blog running. I want to check for the presence of a custom header, for example X-Den-Was-Here.
What I want to implement is a conditional check, where:
Where would be the most appropriate place to perform this check within the Ghost infra?
As it turns out, the solution to this (and I am open to have someone validate it and show me that I chose the wrong location for it) is to modify the caching layer to verify an inbound request header.
For that, you need \core\server\middleware\cache-control.js. Within the cacheControlHeaders function, you can just add the snippet below right before the next() call:
if (req.headers["den-was-here"] != "1")
{
return res.sendStatus(401);
}
This will effectively throw a 401 Unauthorized response for any request that does not carry the header.