chore: update jwt middleware

49f8cfd5 · Steven · b27004da · 49f8cfd5 · 49f8cfd5
Commit 49f8cfd5 authored Apr 13, 2024 by Steven
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 11 deletions

jwt.go server/route/api/auth/jwt.go +0 -10

server.go server/server.go +1 -1

No files found.
--- a/server/route/api/auth/jwt.go
+++ b/server/route/api/auth/jwt.go
@@ -53,12 +53,6 @@ func JWTMiddleware(storeInstance *store.Store, next echo.HandlerFunc, secret str
 	return func(c echo.Context) error {
 		ctx := c.Request().Context()
 		path := c.Request().URL.Path
-		method := c.Request().Method
-		// Skip validation for server status endpoints.
-		if util.HasPrefixes(path, "/api/v1/ping", "/api/v1/status") && method == http.MethodGet {
-			return next(c)
-		}
 		accessToken := findAccessToken(c)
 		if accessToken == "" {
@@ -66,10 +60,6 @@ func JWTMiddleware(storeInstance *store.Store, next echo.HandlerFunc, secret str
 			if util.HasPrefixes(path, "/o") {
 				return next(c)
 			}
-			// When the request is not authenticated, we allow the user to access the memo endpoints for those public memos.
-			if util.HasPrefixes(path, "/api/v1/idp", "/api/v1/memo", "/api/v1/user") && path != "/api/v1/user" && method == http.MethodGet {
-				return next(c)
-			}
 			return echo.NewHTTPError(http.StatusUnauthorized, "Missing access token")
 		}

--- a/server/server.go
+++ b/server/server.go
@@ -88,7 +88,7 @@ func NewServer(ctx context.Context, profile *profile.Profile, store *store.Store
 	// Create and register resource public routes.
 	resource.NewResourceService(s.Profile, s.Store).RegisterRoutes(publicGroup)
-	// Create and register rss public routes.
+	// Create and register RSS routes.
 	rss.NewRSSService(s.Profile, s.Store).RegisterRoutes(rootGroup)
 	apiV2Service := apiv2.NewAPIV2Service(s.Secret, profile, store, s.Profile.Port+1)