diff --git a/api/src/middlewares/Authentication.ts b/api/src/middlewares/Authentication.ts
index 8fbdd2b7..20ba42d8 100644
--- a/api/src/middlewares/Authentication.ts
+++ b/api/src/middlewares/Authentication.ts
@@ -3,17 +3,25 @@ import { HTTPError } from "lambert-server";
import { checkToken, Config, Rights } from "@fosscord/util";
export const NO_AUTHORIZATION_ROUTES = [
+ //Authentication routes
"/auth/login",
"/auth/register",
+ "/auth/location-metadata",
+ //Routes with a seperate auth system
"/webhooks/",
+ //Public information endpoints
"/ping",
"/gateway",
"/experiments",
+ //Public kubernetes integration
"/-/readyz",
"/-/healthz",
+ //Client nalytics
"/science",
"/track",
+ //Public policy pages
"/policies/instance",
+ //Asset delivery
/\/guilds\/\d+\/widget\.(json|png)/
];
diff --git a/api/src/routes/invites/index.ts b/api/src/routes/invites/index.ts
index 185311bc..c327a63e 100644
--- a/api/src/routes/invites/index.ts
+++ b/api/src/routes/invites/index.ts
@@ -1,5 +1,5 @@
import { Router, Request, Response } from "express";
-import { emitEvent, getPermission, Guild, Invite, InviteDeleteEvent, Member, PublicInviteRelation } from "@fosscord/util";
+import { emitEvent, getPermission, Guild, Invite, InviteDeleteEvent, User, PublicInviteRelation } from "@fosscord/util";
import { route } from "@fosscord/api";
import { HTTPError } from "lambert-server";
@@ -15,6 +15,11 @@ router.get("/:code", route({}), async (req: Request, res: Response) => {
router.post("/:code", route({}), async (req: Request, res: Response) => {
const { code } = req.params;
+ const { features } = await Guild.findOneOrFail({where: { code }});
+ const { public_flags } = await User.findOneOrFail({ id: req.user_id });
+
+ if(features.includes("INTERNAL_EMPLOYEE_ONLY") && (public_flags & 1) !== 1) throw new HTTPError("You are not allowed to join this guild.", 401)
+
const invite = await Invite.joinGuild(req.user_id, code);
res.json(invite);
diff --git a/bundle/scripts/build.js b/bundle/scripts/build.js
index 549e340f..88d76d34 100644
--- a/bundle/scripts/build.js
+++ b/bundle/scripts/build.js
@@ -26,9 +26,9 @@ dirs.forEach((a) => {
if (verbose) console.log(`Copied ${"../" + a + "/dist"} -> ${"dist/" + a + "/src"}!`);
});
-console.log("Copying src files done");
+console.log("[1/2] Copying src files done");
if (!argv.includes("copyonly")) {
- console.log("Compiling src files ...");
+ console.log("[2/2] Compiling src files ...");
console.log(
execSync(
|
