YourSelfHosted/memos
1
0
Fork 0
mirror of https://github.com/usememos/memos.git synced 2025-06-05 22:09:59 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix: acl middleware

Browse Source
This commit is contained in:
boojack
2022-07-28 20:09:25 +08:00
parent fa93d0fd6e
commit 5617118fa8
5 changed files with 47 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
server/acl.go
View File

@@ -53,8 +53,12 @@ func removeUserSession(ctx echo.Context) error {
func aclMiddleware(s *Server, next echo.HandlerFunc) echo.HandlerFunc {
return func(ctx echo.Context) error {
// Skip auth for some paths.
if common.HasPrefixes(ctx.Path(), "/api/auth", "/api/ping", "/api/status", "/api/user/:id") {
// Skip auth.
if common.HasPrefixes(ctx.Path(), "/api/auth") {
return next(ctx)
}
if common.HasPrefixes(ctx.Path(), "/api/ping", "/api/status", "/api/user/:id") && ctx.Request().Method == http.MethodGet {
return next(ctx)
}
@@ -104,7 +108,7 @@ func aclMiddleware(s *Server, next echo.HandlerFunc) echo.HandlerFunc {
userID := ctx.Get(getUserIDContextKey())
if userID == nil {
return echo.NewHTTPError(http.StatusUnauthorized, "Missing userID in session")
return echo.NewHTTPError(http.StatusUnauthorized, "Missing user in session")
}
return next(ctx)