diff options
author | Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> | 2021-08-16 15:07:09 +0200 |
---|---|---|
committer | Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> | 2021-08-16 15:07:09 +0200 |
commit | 45f89d4531575d708023135fdd696764063591ae (patch) | |
tree | 30728cf5967abcdb49e4179b6799c8f074dba12f /api | |
parent | update Rate Limit with new event transmission (diff) | |
download | server-45f89d4531575d708023135fdd696764063591ae.tar.xz |
:sparkles: update auth middleware
Diffstat (limited to 'api')
-rw-r--r-- | api/src/middlewares/Authentication.ts | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/api/src/middlewares/Authentication.ts b/api/src/middlewares/Authentication.ts index 9bd2fcb7..42bb5374 100644 --- a/api/src/middlewares/Authentication.ts +++ b/api/src/middlewares/Authentication.ts @@ -8,8 +8,8 @@ export const NO_AUTHORIZATION_ROUTES = [ "/webhooks/", "/ping", "/gateway", - "/experiments" - // /^\/api(\/v\d+)?\/guilds\/\d+\/widget\.(json|png)/ + "/experiments", + /\/guilds\/\d+\/widget\.(json|png)/ ]; export const API_PREFIX = /^\/api(\/v\d+)?/; @@ -29,7 +29,13 @@ declare global { export async function Authentication(req: Request, res: Response, next: NextFunction) { if (req.method === "OPTIONS") return res.sendStatus(204); if (req.url.startsWith("/invites") && req.method === "GET") return next(); // @ts-ignore - if (NO_AUTHORIZATION_ROUTES.some((x) => req.url.startsWith(x) || x.test?.(req.url))) return next(); + if ( + NO_AUTHORIZATION_ROUTES.some((x) => { + if (typeof x === "string") return req.url.startsWith(x); + return x.test(req.url); + }) + ) + return next(); if (!req.headers.authorization) return next(new HTTPError("Missing Authorization Header", 401)); try { |