go/pocketbase
1
0
Fork 0
mirror of https://github.com/pocketbase/pocketbase.git synced 2025-11-27 00:20:27 +02:00
Code Issues Releases Activity

[#5800] skip default loadAuthToken middleware if e.Auth is already set

Browse Source
This commit is contained in:
Gani Georgiev
2024-11-05 09:06:18 +02:00
parent 47354f5aa9
commit 4f67dba6cb
2 changed files with 10 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
apis/middlewares.go
View File

@@ -196,7 +196,9 @@ func RequireSameCollectionContextAuth(collectionPathParam string) *hook.Handler[
// loadAuthToken attempts to load the auth context based on the "Authorization: TOKEN" header value.
//
// This middleware does nothing in case of missing, invalid or expired token.
// This middleware does nothing in case of:
// - missing, invalid or expired token
// - e.Auth is already loaded by another middleware
//
// This middleware is registered by default for all routes.
//
@@ -207,6 +209,11 @@ func loadAuthToken() *hook.Handler[*core.RequestEvent] {
Id: DefaultLoadAuthTokenMiddlewareId,
Priority: DefaultLoadAuthTokenMiddlewarePriority,
Func: func(e *core.RequestEvent) error {
// already loaded by another middleware
if e.Auth != nil {
return e.Next()
}
token := getAuthTokenFromRequest(e)
if token == "" {
return e.Next()