summary refs log tree commit diff
diff options
context:
space:
mode:
authorFlam3rboy <34555296+Flam3rboy@users.noreply.github.com>2021-08-16 15:07:09 +0200
committerFlam3rboy <34555296+Flam3rboy@users.noreply.github.com>2021-08-16 15:07:09 +0200
commit45f89d4531575d708023135fdd696764063591ae (patch)
tree30728cf5967abcdb49e4179b6799c8f074dba12f
parentupdate Rate Limit with new event transmission (diff)
downloadserver-45f89d4531575d708023135fdd696764063591ae.tar.xz
:sparkles: update auth middleware
Diffstat (limited to '')
-rw-r--r--api/src/middlewares/Authentication.ts12
1 files changed, 9 insertions, 3 deletions
diff --git a/api/src/middlewares/Authentication.ts b/api/src/middlewares/Authentication.ts
index 9bd2fcb7..42bb5374 100644
--- a/api/src/middlewares/Authentication.ts
+++ b/api/src/middlewares/Authentication.ts
@@ -8,8 +8,8 @@ export const NO_AUTHORIZATION_ROUTES = [
 	"/webhooks/",
 	"/ping",
 	"/gateway",
-	"/experiments"
-	// /^\/api(\/v\d+)?\/guilds\/\d+\/widget\.(json|png)/
+	"/experiments",
+	/\/guilds\/\d+\/widget\.(json|png)/
 ];
 
 export const API_PREFIX = /^\/api(\/v\d+)?/;
@@ -29,7 +29,13 @@ declare global {
 export async function Authentication(req: Request, res: Response, next: NextFunction) {
 	if (req.method === "OPTIONS") return res.sendStatus(204);
 	if (req.url.startsWith("/invites") && req.method === "GET") return next(); // @ts-ignore
-	if (NO_AUTHORIZATION_ROUTES.some((x) => req.url.startsWith(x) || x.test?.(req.url))) return next();
+	if (
+		NO_AUTHORIZATION_ROUTES.some((x) => {
+			if (typeof x === "string") return req.url.startsWith(x);
+			return x.test(req.url);
+		})
+	)
+		return next();
 	if (!req.headers.authorization) return next(new HTTPError("Missing Authorization Header", 401));
 
 	try {