New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

When serving locally, ignore non-JWT auth headers #108

Merged
merged 1 commit into from Jan 31, 2019

Conversation

Projects
None yet
2 participants
@pimterry
Copy link
Contributor

pimterry commented Jan 30, 2019

Fixes #107

Before this change, when serving locally all Authorization bearer headers were parsed as JWTs. That breaks if anybody is using bearer headers with any other kind of token, and makes it impossible to test such functions locally.

This PR adds the Identity clientContext only if the header exists and can be parsed. If it can't be parsed, it silently falls back to the default {} instead.

@sw-yx

This comment has been minimized.

Copy link
Contributor

sw-yx commented Jan 31, 2019

sweet!

@sw-yx sw-yx merged commit 1b05e08 into netlify:master Jan 31, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment