Fix link resource endpoint being insecured
This commit is contained in:
Andrey Chervyakov
parent
ac066be702
commit
9ae733e618
1 changed files with 4 additions and 1 deletions
|
|
@ -10,6 +10,7 @@ import (
|
|||
"github.com/labstack/echo/v4/middleware"
|
||||
"github.com/rs/zerolog/log"
|
||||
"net/http"
|
||||
"regexp"
|
||||
)
|
||||
|
||||
func NewServer(conf *koanf.Koanf, pool *pgxpool.Pool) *echo.Echo {
|
||||
|
|
@ -30,7 +31,9 @@ func addMiddleware(s *echo.Echo, conf *koanf.Koanf) {
|
|||
|
||||
s.Use(middleware.JWTWithConfig(middleware.JWTConfig{
|
||||
Skipper: func(ctx echo.Context) bool {
|
||||
return ctx.Request().Method == "GET" && ctx.Request().URL.Path != "/links"
|
||||
matchesLinks, _ := regexp.MatchString("^/links", ctx.Request().URL.Path)
|
||||
|
||||
return ctx.Request().Method == "GET" && !matchesLinks
|
||||
},
|
||||
SigningMethod: conf.String("jwt.method"),
|
||||
SigningKey: conf.Bytes("jwt.key"),
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue