Skip to content

Commit

Permalink
fix: run node auth middleware before everything else
Browse files Browse the repository at this point in the history
  • Loading branch information
bohdan-shulha committed Jul 5, 2024
1 parent baa93ec commit 3602de0
Show file tree
Hide file tree
Showing 3 changed files with 10 additions and 2 deletions.
6 changes: 5 additions & 1 deletion api-nodes/Http/Middleware/AgentTokenAuth.php
Original file line number Diff line number Diff line change
Expand Up @@ -24,9 +24,13 @@ public function handle(Request $request, Closure $next): Response
$token = $request->header(self::AUTH_HEADER);

if (!$token) {
if ($request->bearerToken()) {
return $next($request);
}

return response()->json([
'message' => 'Unauthorized'
], 401);
], 403);
}

$node = Node::withoutGlobalScope(TeamScope::class)->with('team')->whereAgentToken($token)->firstOrFail();
Expand Down
4 changes: 4 additions & 0 deletions bootstrap/app.php
Original file line number Diff line number Diff line change
@@ -1,5 +1,6 @@
<?php

use ApiNodes\Http\Middleware\AgentTokenAuth;
use App\Http\Middleware\HandleInertiaRequests;
use App\Jobs\CheckAgentUpdates;
use Illuminate\Console\Scheduling\Schedule;
Expand All @@ -21,6 +22,9 @@
$middleware->trustProxies('*');

$middleware
->api(prepend: [
AgentTokenAuth::class,
])
->web(append: [
HandleInertiaRequests::class,
AddLinkHeadersForPreloadedAssets::class,
Expand Down
2 changes: 1 addition & 1 deletion routes/api.php
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@
use App\Api\Controllers\ServiceController;
use Illuminate\Support\Facades\Route;

Route::group(['prefix' => '/_nodes/v1', 'middleware' => [AgentTokenAuth::class]], function () {
Route::group(['prefix' => '/_nodes/v1'], function () {
Route::group(['prefix' => '/events'], function () {
Route::post('/started', [EventController::class, 'started']);
});
Expand Down

0 comments on commit 3602de0

Please sign in to comment.