🐛 add webhooks to whitelist auth
This commit is contained in:
parent
a0cb65ccad
commit
6e05dc6902
@ -2,7 +2,7 @@ import { NextFunction, Request, Response } from "express";
|
||||
import { HTTPError } from "lambert-server";
|
||||
import { checkToken } from "fosscord-server-util";
|
||||
|
||||
export const NO_AUTHORIZATION_ROUTES = ["/api/v8/auth/login", "/api/v8/auth/register"];
|
||||
export const NO_AUTHORIZATION_ROUTES = ["/api/v8/auth/login", "/api/v8/auth/register", "/api/v8/webhooks/"];
|
||||
|
||||
declare global {
|
||||
namespace Express {
|
||||
@ -14,7 +14,7 @@ declare global {
|
||||
}
|
||||
|
||||
export async function Authentication(req: Request, res: Response, next: NextFunction) {
|
||||
if (NO_AUTHORIZATION_ROUTES.includes(req.url)) return next();
|
||||
if (NO_AUTHORIZATION_ROUTES.some((x) => req.url.startsWith(x))) return next();
|
||||
if (!req.headers.authorization) return next(new HTTPError("Missing Authorization Header", 401));
|
||||
// TODO: check if user is banned/token expired
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user