aykhans/slash-e
1
0
Fork 0
mirror of https://github.com/aykhans/slash-e.git synced 2025-04-18 21:19:44 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

chore: update jwt middleware

Browse Source
This commit is contained in:
Steven 2023-07-04 21:07:12 +08:00
parent 7d90b47875
commit 1084381bbf
1 changed files with 3 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
api/v1/jwt.go
View File

@ -77,14 +77,15 @@ func JWTMiddleware(server *APIV1Service, next echo.HandlerFunc, secret string) e
path := c.Path() path := c.Path()
method := c.Request().Method method := c.Request().Method
if defaultAuthSkipper(c) { // Pass auth and profile endpoints.
if util.HasPrefixes(path, "/api/v1/auth", "/api/v1/workspace/profile") {
return next(c) return next(c)
} }
token := findAccessToken(c) token := findAccessToken(c)
if token == "" { if token == "" {
// When the request is not authenticated, we allow the user to access the shortcut endpoints for those public shortcuts. // When the request is not authenticated, we allow the user to access the shortcut endpoints for those public shortcuts.
if util.HasPrefixes(path, "/api/v1/workspace/profile", "/s/*") && method == http.MethodGet { if util.HasPrefixes(path, "/s/*") && method == http.MethodGet {
return next(c) return next(c)
} }
return echo.NewHTTPError(http.StatusUnauthorized, "Missing access token") return echo.NewHTTPError(http.StatusUnauthorized, "Missing access token")
@ -195,8 +196,3 @@ func JWTMiddleware(server *APIV1Service, next echo.HandlerFunc, secret string) e
return next(c) return next(c)
} }
} }
func defaultAuthSkipper(c echo.Context) bool {
path := c.Path()
return util.HasPrefixes(path, "/api/v1/auth")
}