Commit2654f28

authored

Fixed trigger check (#251)

1 parentd081119 commit2654f28Copy full SHA for 2654f28

File tree

+15

-3

lines changed

+15

-3

lines changed

Lines changed: 15 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -18,19 +18,23 @@ var (`
`18`	`18`	`errNotAuthorized=errors.New("no or invalid jwt token provided. You are not authorized")`
`19`	`19`
`20`	`20`	`// Non-protected URL paths which are prefix checked`
`21`		`-nonProtectedPathsPrefix= []string{`
	`21`	`+nonProtectedPathsPrefix= []string{`
`22`	`22`	`"/login",`
`23`	`23`	`"/pipeline/githook",`
`24`		`-"/trigger",`
`25`	`24`	`"/worker/register",`
`26`	`25`	`"/js/",`
`27`	`26`	`"/img/",`
`28`	`27`	`"/fonts/",`
`29`	`28`	`"/css/",`
`30`	`29`	`}`
`31`	`30`
	`31`	`+// Non-protected URL paths which are suffix checked`
	`32`	`+nonProtectedPathsSuffix= []string{`
	`33`	`+"/trigger",`
	`34`	`+}`
	`35`	`+`
`32`	`36`	`// Non-protected URL paths which are explicitly checked`
`33`		`-nonProtectedPaths= []string{`
	`37`	`+nonProtectedPaths= []string{`
`34`	`38`	`"/",`
`35`	`39`	`"/favicon.ico",`
`36`	`40`	`}`
`@@ -59,6 +63,14 @@ func AuthMiddleware(roleAuth *AuthConfig) echo.MiddlewareFunc {`
`59`	`63`	`}`
`60`	`64`	`}`
`61`	`65`
	`66`	`+// Check if it matches a suffix-based paths`
	`67`	`+for_,suffix:=rangenonProtectedPathsSuffix {`
	`68`	`+switch {`
	`69`	`+casestrings.HasSuffix(c.Path(),suffix):`
	`70`	`+returnnext(c)`
	`71`	`+}`
	`72`	`+}`
	`73`	`+`
`62`	`74`	`token,err:=getToken(c)`
`63`	`75`	`iferr!=nil {`
`64`	`76`	`returnc.String(http.StatusUnauthorized,err.Error())`

Comments

(0)