Incoviba/oficial
1
0
Fork 0
Code Issues Pull Requests 2 Releases Wiki Activity

FIX: Auth had all paths starting with slash as valid

Browse Source
This commit is contained in:
Juan Pablo Vial
2024-03-20 20:48:05 -03:00
parent e50d80560c
commit 2ccbc31ae0
1 changed files with 6 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
app/src/Middleware/Authentication.php
View File

@ -20,6 +20,7 @@ class Authentication
public function __invoke(ServerRequestInterface $request, RequestHandlerInterface $handler): ResponseInterface
{
$this->logger->critical(var_export([$this->service->isIn(), $this->isValid($request)],true));
if ($this->service->isIn() or $this->isValid($request)) {
return $handler->handle($request);
}
@ -45,13 +46,15 @@ class Authentication
]);
$valid_paths = [
'/',
'/api'
'/'
];
if (in_array($current_path, $valid_paths, true)) {
return true;
}
foreach ($valid_paths as $path) {
$valid_subpaths = [
'/api'
];
foreach ($valid_subpaths as $path) {
if (str_starts_with($current_path, $path)) {
return true;
}