diff options
| -rw-r--r-- | src/middlewares/Authentication.ts | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/middlewares/Authentication.ts b/src/middlewares/Authentication.ts index e7650684..3d49d8e4 100644 --- a/src/middlewares/Authentication.ts +++ b/src/middlewares/Authentication.ts @@ -2,7 +2,7 @@ import { NextFunction, Request, Response } from "express"; import { HTTPError } from "lambert-server"; import { checkToken } from "fosscord-server-util"; -export const NO_AUTHORIZATION_ROUTES = ["/api/v8/auth/login", "/api/v8/auth/register"]; +export const NO_AUTHORIZATION_ROUTES = ["/api/v8/auth/login", "/api/v8/auth/register", "/api/v8/webhooks/"]; declare global { namespace Express { @@ -14,7 +14,7 @@ declare global { } export async function Authentication(req: Request, res: Response, next: NextFunction) { - if (NO_AUTHORIZATION_ROUTES.includes(req.url)) return next(); + if (NO_AUTHORIZATION_ROUTES.some((x) => req.url.startsWith(x))) return next(); if (!req.headers.authorization) return next(new HTTPError("Missing Authorization Header", 401)); // TODO: check if user is banned/token expired |