Returning unauthorized

Owen
2025-10-13 15:34:11 -07:00
parent 733bf0b169
commit 377cb77307


@@ -33,9 +33,7 @@ import createHttpError from "http-errors";
import NodeCache from "node-cache";
import { z } from "zod";
import { fromError } from "zod-validation-error";
import {
getCountryCodeForIp,
} from "@server/lib/geoip";
import { getCountryCodeForIp } from "@server/lib/geoip";
import { getOrgTierData } from "#dynamic/lib/billing";
import { TierId } from "@server/lib/billing/tiers";
import { verifyPassword } from "@server/auth/password";
@@ -198,7 +196,7 @@ export async function verifyResourceSession(
// IMPORTANT: ADD NEW AUTH CHECKS HERE OR WHEN TURNING OFF ALL OTHER AUTH METHODS IT WILL JUST PASS
if (
!resource.sso &&
!sso &&
!pincode &&
!password &&
!resource.emailWhitelistEnabled &&
@@ -315,8 +313,22 @@ export async function verifyResourceSession(
return allowed(res);
}
// if there are no other auth methods we need to return unauthorized here
if (!sso && !pincode && !password && !resource.emailWhitelistEnabled) {
if ( // we dont want to redirect if this is the only auth method and we did not pass here
!sso &&
!pincode &&
!password &&
!resource.emailWhitelistEnabled
) {
return notAllowed(res);
}
} else if (headerAuth) {
// if there are no other auth methods we need to return unauthorized if nothing is provided
if (
!sso &&
!pincode &&
!password &&
!resource.emailWhitelistEnabled
) {
return notAllowed(res);
}
}
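Review bot: The condition `!sso && !pincode && !password && !resource.emailWhitelistEnabled` is now written out twice in the last hunk, once in the branch ending at the first `return notAllowed(res)` and once in the new `else if (headerAuth)` branch. Together with the longer list under the "ADD NEW AUTH CHECKS HERE" comment in the second hunk, a future auth method has three places to be added. Computing it once, e.g. `const hasOtherAuthMethod = sso || pincode || password || resource.emailWhitelistEnabled;`, and testing `if (!hasOtherAuthMethod) return notAllowed(res);` in both branches would keep them in step. A stale copy in these two branches would presumably deny rather than allow, but that comment says the earlier list passes the request when it is incomplete, so it is worth deriving that check from the same value if its remaining terms (cut off at the end of the hunk) permit. The comment placed inside the `if (` parenthesis would read better on the line above it; `verifyResourceSession` starts and ends outside the hunks shown.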