jeffemmett
/
rspace-online
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'dev'

This commit is contained in:
Jeff Emmett 2026-03-23 14:23:55 -07:00
parent 1bdf47a613 67f1927eb5
commit 63b9305787
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
server/index.ts
View File

@ -2218,7 +2218,16 @@ for (const mod of getAllModules()) {
const accept = c.req.header("Accept") || ""; const accept = c.req.header("Accept") || "";
const isHtmlRequest = accept.includes("text/html"); const isHtmlRequest = accept.includes("text/html");
if (!isHtmlRequest && (vis === "private" || vis === "permissioned")) { // Exempt public-facing endpoints that are designed for unauthenticated users
const pathname = new URL(c.req.url).pathname;
const isPublicEndpoint = pathname.endsWith("/api/flows/user-onramp")
|| pathname.endsWith("/api/onramp/config")
|| pathname.endsWith("/api/transak/config")
|| pathname.endsWith("/api/transak/webhook")
|| pathname.endsWith("/api/coinbase/webhook")
|| pathname.endsWith("/api/ramp/webhook");
if (!isHtmlRequest && !isPublicEndpoint && (vis === "private" || vis === "permissioned")) {
const token = extractToken(c.req.raw.headers); const token = extractToken(c.req.raw.headers);
if (!token) { if (!token) {
return c.json({ error: "Authentication required" }, 401); return c.json({ error: "Authentication required" }, 401);