Remove authentication on manifest.json file (and favicon just in case)
This commit is contained in:
parent
1d3ae7c822
commit
b6c0349203
@ -178,20 +178,26 @@ export class HttpServer {
|
|||||||
}
|
}
|
||||||
|
|
||||||
private addPasswordAuth(app: Application) {
|
private addPasswordAuth(app: Application) {
|
||||||
|
const excludedPaths = ["/manifest.json", "/favicon.png"];
|
||||||
if (this.user) {
|
if (this.user) {
|
||||||
app.use(async ({ request, response }, next) => {
|
app.use(async ({ request, response }, next) => {
|
||||||
if (
|
if (!excludedPaths.includes(request.url.pathname)) {
|
||||||
request.headers.get("Authorization") ===
|
if (
|
||||||
`Basic ${btoa(this.user!)}`
|
request.headers.get("Authorization") ===
|
||||||
) {
|
`Basic ${btoa(this.user!)}`
|
||||||
await next();
|
) {
|
||||||
|
await next();
|
||||||
|
} else {
|
||||||
|
response.status = 401;
|
||||||
|
response.headers.set(
|
||||||
|
"WWW-Authenticate",
|
||||||
|
`Basic realm="Please enter your username and password"`,
|
||||||
|
);
|
||||||
|
response.body = "Unauthorized";
|
||||||
|
}
|
||||||
} else {
|
} else {
|
||||||
response.status = 401;
|
// Unauthenticated access to excluded paths
|
||||||
response.headers.set(
|
await next();
|
||||||
"WWW-Authenticate",
|
|
||||||
`Basic realm="Please enter your username and password"`,
|
|
||||||
);
|
|
||||||
response.body = "Unauthorized";
|
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user