Ignore authentication for preflight requests (#1261)

CORS preflight requests never include credentials (https://fetch.spec.whatwg.org/#cors-protocol-and-credentials), so they always failed as unauthorized.
schroda
2025-02-08 17:53:32 +01:00
committed by GitHub
parent 0dd0af1b84
commit 01c37cb0ba
@@ -10,6 +10,7 @@ package suwayomi.tachidesk.server
import io.github.oshai.kotlinlogging.KotlinLogging import io.github.oshai.kotlinlogging.KotlinLogging
import io.javalin.Javalin import io.javalin.Javalin
import io.javalin.apibuilder.ApiBuilder.path import io.javalin.apibuilder.ApiBuilder.path
import io.javalin.http.HandlerType
import io.javalin.http.UnauthorizedResponse import io.javalin.http.UnauthorizedResponse
import io.javalin.http.staticfiles.Location import io.javalin.http.staticfiles.Location
import kotlinx.coroutines.CoroutineScope import kotlinx.coroutines.CoroutineScope
@@ -111,6 +112,11 @@ object JavalinSetup {
} }
app.beforeMatched { ctx -> app.beforeMatched { ctx ->
val isPreFlight = ctx.method() == HandlerType.OPTIONS
if (isPreFlight) {
return@beforeMatched
}
fun credentialsValid(): Boolean { fun credentialsValid(): Boolean {
val basicAuthCredentials = ctx.basicAuthCredentials() ?: return false val basicAuthCredentials = ctx.basicAuthCredentials() ?: return false
val (username, password) = basicAuthCredentials val (username, password) = basicAuthCredentials
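Review bot: The new early return in `beforeMatched` skips authentication for every `OPTIONS` request, not only for CORS preflights, because `isPreFlight` looks at the method alone. A preflight as the Fetch spec defines it also carries `Origin` and `Access-Control-Request-Method`, so the bypass can be narrowed to `val isPreFlight = ctx.method() == HandlerType.OPTIONS && ctx.header("Access-Control-Request-Method") != null`. Whether any matched route does real work on `OPTIONS` is not visible here, but the narrower check keeps such a route behind the credential check if one is added later. A short comment above the return, e.g. `// CORS preflights carry no credentials, so they must pass unauthenticated`, would record why the bypass exists. The `beforeMatched` lambda continues past the end of the hunk.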