Dekescordes/spacebar
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

🐛 add webhooks to whitelist auth

Browse Source
This commit is contained in:
Flam3rboy 2021-02-22 16:48:12 +01:00
parent a0cb65ccad
commit 6e05dc6902
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/middlewares/Authentication.ts
View File

@ -2,7 +2,7 @@ import { NextFunction, Request, Response } from "express";
import { HTTPError } from "lambert-server"; import { HTTPError } from "lambert-server";
import { checkToken } from "fosscord-server-util"; import { checkToken } from "fosscord-server-util";
export const NO_AUTHORIZATION_ROUTES = ["/api/v8/auth/login", "/api/v8/auth/register"]; export const NO_AUTHORIZATION_ROUTES = ["/api/v8/auth/login", "/api/v8/auth/register", "/api/v8/webhooks/"];
declare global { declare global {
namespace Express { namespace Express {
@ -14,7 +14,7 @@ declare global {
} }
export async function Authentication(req: Request, res: Response, next: NextFunction) { export async function Authentication(req: Request, res: Response, next: NextFunction) {
if (NO_AUTHORIZATION_ROUTES.includes(req.url)) return next(); if (NO_AUTHORIZATION_ROUTES.some((x) => req.url.startsWith(x))) return next();
if (!req.headers.authorization) return next(new HTTPError("Missing Authorization Header", 401)); if (!req.headers.authorization) return next(new HTTPError("Missing Authorization Header", 401));
// TODO: check if user is banned/token expired // TODO: check if user is banned/token expired