Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] AdminMiddleware is broken #81

Closed
kon14 opened this issue Mar 18, 2022 · 0 comments · Fixed by #88
Closed

[BUG] AdminMiddleware is broken #81

kon14 opened this issue Mar 18, 2022 · 0 comments · Fixed by #88
Assignees
@kon14
Labels
bug Something isn't working

Comments

@kon14
Copy link
Contributor

kon14 commented Mar 18, 2022

Describe the bug
Admin routes no longer go through AdminMiddleware (masterkey header).
Admin's AuthMiddleware (adminToken Authentication header) is unaffected.

To Reproduce
Steps to reproduce the behavior:

  1. Send any admin request without passing in the masterkey header.
  2. Make sure you're still passing in an Authentication header (JWT admin-token).
  3. Notice how the request succeeds.

Expected behavior
Request should respond with a 401 - Unauthorized.
@kon14 kon14 self-assigned this Mar 18, 2022
@kon14 kon14 added the bug Something isn't working label Mar 18, 2022
@kon14 kon14 mentioned this issue Mar 22, 2022
Merged
10 tasks
@kon14 kon14 closed this as completed Mar 22, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@kon14 kon14

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix(router,admin): admin requests not passing through master key middleware ConduitPlatform/Conduit
1 participant
@kon14