:bug: add webhooks to whitelist auth

author: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> 2021-02-22 16:48:12 +0100
committer: Flam3rboy <34555296+Flam3rboy@users.noreply.github.com> 2021-02-22 16:48:12 +0100
commit: 6e05dc6902c4e64dca91962c7862fb9d885a0550 (patch)
tree: 0e662edf1c628cf9ee4df010074fa08c829d524a /src/middlewares/Authentication.ts
parent: :art: restructure + add/remove Member() function (diff)
download: server-6e05dc6902c4e64dca91962c7862fb9d885a0550.tar.xz
1 files changed, 2 insertions, 2 deletions
diff --git a/src/middlewares/Authentication.ts b/src/middlewares/Authentication.ts
index e7650684..3d49d8e4 100644
--- a/src/middlewares/Authentication.ts
+++ b/src/middlewares/Authentication.ts
@@ -2,7 +2,7 @@ import { NextFunction, Request, Response } from "express";
 import { HTTPError } from "lambert-server";
 import { checkToken } from "fosscord-server-util";
 
-export const NO_AUTHORIZATION_ROUTES = ["/api/v8/auth/login", "/api/v8/auth/register"];
+export const NO_AUTHORIZATION_ROUTES = ["/api/v8/auth/login", "/api/v8/auth/register", "/api/v8/webhooks/"];
 
 declare global {
 	namespace Express {
@@ -14,7 +14,7 @@ declare global {
 }
 
 export async function Authentication(req: Request, res: Response, next: NextFunction) {
-	if (NO_AUTHORIZATION_ROUTES.includes(req.url)) return next();
+	if (NO_AUTHORIZATION_ROUTES.some((x) => req.url.startsWith(x))) return next();
 	if (!req.headers.authorization) return next(new HTTPError("Missing Authorization Header", 401));
 	// TODO: check if user is banned/token expired
author	Flam3rboy <34555296+Flam3rboy@users.noreply.github.com>	2021-02-22 16:48:12 +0100
committer	Flam3rboy <34555296+Flam3rboy@users.noreply.github.com>	2021-02-22 16:48:12 +0100
commit	6e05dc6902c4e64dca91962c7862fb9d885a0550 (patch)
tree	0e662edf1c628cf9ee4df010074fa08c829d524a /src/middlewares/Authentication.ts
parent	:art: restructure + add/remove Member() function (diff)
download	server-6e05dc6902c4e64dca91962c7862fb9d885a0550.tar.xz