ilia/Jobber
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

allow extra pages through auth

Browse Source
This commit is contained in:
DaKheera47 2026-01-16 02:28:23 +00:00
parent 631877e525
commit 63d8c40c2e
1 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
orchestrator/src/server/app.ts
View File

@ -33,12 +33,21 @@ function buildBasicAuthMiddleware() {
return user === BASIC_AUTH_USER && pass === BASIC_AUTH_PASSWORD;
}
function requiresAuth(method: string): boolean {
function isPublicReadOnlyRoute(method: string, path: string): boolean {
const normalizedMethod = method.toUpperCase();
const normalizedPath = path.split('?')[0] || path;
if (normalizedMethod === 'POST' && normalizedPath === '/api/ukvisajobs/search') return true;
if (normalizedMethod === 'POST' && normalizedPath === '/api/visa-sponsors/search') return true;
return false;
}
function requiresAuth(method: string, path: string): boolean {
if (isPublicReadOnlyRoute(method, path)) return false;
return !['GET', 'HEAD', 'OPTIONS'].includes(method.toUpperCase());
}
return (req: express.Request, res: express.Response, next: express.NextFunction) => {
if (!basicAuthEnabled || !requiresAuth(req.method)) return next();
if (!basicAuthEnabled || !requiresAuth(req.method, req.path)) return next();
if (isAuthorized(req)) return next();
res.setHeader('WWW-Authenticate', 'Basic realm="Job Ops"');
res.status(401).send('Authentication required');