fix(core): Do not explicitly bypass auth on urls containing .svg (#5525)

This commit is contained in:
कारतोफ्फेलस्क्रिप्ट™ 2023-02-21 11:52:22 +01:00 committed by GitHub
parent 684d717520
commit f58573dba3
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23


@ -3,11 +3,12 @@ import jwt from 'jsonwebtoken';
import cookieParser from 'cookie-parser'; import cookieParser from 'cookie-parser';
import passport from 'passport'; import passport from 'passport';
import { Strategy } from 'passport-jwt'; import { Strategy } from 'passport-jwt';
import { sync as globSync } from 'fast-glob';
import { LoggerProxy as Logger } from 'n8n-workflow'; import { LoggerProxy as Logger } from 'n8n-workflow';
import type { JwtPayload } from '@/Interfaces'; import type { JwtPayload } from '@/Interfaces';
import type { AuthenticatedRequest } from '@/requests'; import type { AuthenticatedRequest } from '@/requests';
import config from '@/config'; import config from '@/config';
import { AUTH_COOKIE_NAME } from '@/constants'; import { AUTH_COOKIE_NAME, EDITOR_UI_DIST_DIR } from '@/constants';
import { issueCookie, resolveJwtContent } from '@/auth/jwt'; import { issueCookie, resolveJwtContent } from '@/auth/jwt';
import { import {
isAuthenticatedRequest, isAuthenticatedRequest,
@ -61,6 +62,10 @@ const refreshExpiringCookie: RequestHandler = async (req: AuthenticatedRequest,
const passportMiddleware = passport.authenticate('jwt', { session: false }) as RequestHandler; const passportMiddleware = passport.authenticate('jwt', { session: false }) as RequestHandler;
const staticAssets = globSync(['**/*.html', '**/*.svg', '**/*.png', '**/*.ico'], {
cwd: EDITOR_UI_DIST_DIR,
});
/** /**
* This sets up the auth middlewares in the correct order * This sets up the auth middlewares in the correct order
*/ */
@ -79,12 +84,7 @@ export const setupAuthMiddlewares = (
// TODO: refactor me!!! // TODO: refactor me!!!
// skip authentication for preflight requests // skip authentication for preflight requests
req.method === 'OPTIONS' || req.method === 'OPTIONS' ||
req.url === '/index.html' || staticAssets.includes(req.url.slice(1)) ||
req.url === '/favicon.ico' ||
req.url.startsWith('/css/') ||
req.url.startsWith('/js/') ||
req.url.startsWith('/fonts/') ||
req.url.includes('.svg') ||
req.url.startsWith(`/${restEndpoint}/settings`) || req.url.startsWith(`/${restEndpoint}/settings`) ||
req.url.startsWith(`/${restEndpoint}/login`) || req.url.startsWith(`/${restEndpoint}/login`) ||
req.url.startsWith(`/${restEndpoint}/logout`) || req.url.startsWith(`/${restEndpoint}/logout`) ||
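Review bot: `staticAssets.includes(req.url.slice(1))` does a linear scan of the glob result on every request that reaches this middleware, where a `Set` gives the same allowlist semantics in O(1): `const staticAssets = new Set(globSync(['**/*.html', '**/*.svg', '**/*.png', '**/*.ico'], { cwd: EDITOR_UI_DIST_DIR }));` in the second hunk and `staticAssets.has(req.url.slice(1)) ||` here. The allowlist of files that actually exist on disk is the right replacement for the old `req.url.includes('.svg')`, which let any URL containing that substring anywhere, including in a query string, skip passport. Note that `req.url` still carries the query string, so `/index.html?foo=bar` no longer matches and falls through to authentication — that fails closed, but a one-line comment stating it is intentional (or switching to `req.path` if query-bearing asset URLs must keep working) would save the next reader from re-deriving it. The removed `/css/`, `/js/` and `/fonts/` prefixes are not covered by the new glob patterns, so those bundles are presumably served by a handler registered ahead of this middleware — worth confirming. The `setupAuthMiddlewares` body and this boolean chain begin and end outside the hunk.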