devthejo 2025-06-30 17:18:31 +02:00
parent 84be7527f2
commit 306a9faa63


@ -47,26 +47,18 @@ module.exports = function () {
{ error: err }, { error: err },
"Allowing expired JWT for meta.auth-token scope" "Allowing expired JWT for meta.auth-token scope"
) )
// Continue processing with expired JWT const req = reqCtx.get("req")
} else { const authTokenHeader = req?.headers?.["x-auth-token"]
logger.error({ error: err }, "jwVerify failed") if (!authTokenHeader) {
return false return false
}
// Create a session that indicates auth token processing is needed
const session = { isAuthTokenRequest: true, authToken: authTokenHeader }
reqCtx.set("session", session)
return true
} }
} logger.error({ error: err }, "jwVerify failed")
return false
// For meta.auth-token scope, check for X-Auth-Token header
if (hasMetaAuthToken) {
const req = reqCtx.get("req")
const authTokenHeader = req?.headers?.["x-auth-token"]
if (!authTokenHeader) {
return false
}
// Create a session that indicates auth token processing is needed
const session = { isAuthTokenRequest: true, authToken: authTokenHeader }
reqCtx.set("session", session)
return true
} }
// Regular user JWT processing // Regular user JWT processing
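Review bot: The expired-JWT branch returns `true` as soon as an `x-auth-token` header is present, and the header value is copied into the session without any check, so the handler accepts the request without verifying anything itself. That is sound only if whatever consumes `session.isAuthTokenRequest` validates `authToken` and never treats this session as a user identity, which this hunk does not show. I would state that contract at the `reqCtx.set("session", session)` call, for example `// authToken is NOT verified here; the consumer of isAuthTokenRequest must validate it before issuing credentials`. The condition that classifies `err` as an expiry sits above the hunk. Since the success path now returns from inside the catch, it is worth confirming that the condition matches only the expiry error and not a signature or format failure.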