jeffemmett
/
rspace-online
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(rtasks): exempt rtasks API from space auth middleware 

The clf space is private, so all API calls were getting 401'd by the
space access middleware before reaching the rtasks routes. Add
/rtasks/api/ to the public endpoint exemption list (like rwallet,
rdesign, rvote already are).

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
Jeff Emmett 2026-04-06 19:00:38 -04:00
parent ac332468ba
commit ccaef33a20
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
server/index.ts
View File

@ -2812,8 +2812,8 @@ for (const mod of getAllModules()) {
|| pathname.includes("/rcart/pay/") || pathname.includes("/rcart/pay/")
|| pathname.includes("/rwallet/api/") || pathname.includes("/rwallet/api/")
|| pathname.includes("/rdesign/api/") || pathname.includes("/rdesign/api/")
|| (c.req.method === "GET" && pathname.includes("/rvote/api/")) || pathname.includes("/rtasks/api/")
|| (c.req.method === "POST" && pathname.endsWith("/rtasks/api/clickup/webhook")); || (c.req.method === "GET" && pathname.includes("/rvote/api/"));
if (!isHtmlRequest && !isPublicEndpoint && (vis === "private" || vis === "permissioned")) { if (!isHtmlRequest && !isPublicEndpoint && (vis === "private" || vis === "permissioned")) {
const token = extractToken(c.req.raw.headers); const token = extractToken(c.req.raw.headers);