gaspersic/freeCodeCamp
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fix: Broken regex for short news links

Browse Source
This commit is contained in:
Bouncey
2019-02-13 12:15:23 +00:00
committed by mrugesh mohapatra
parent 0e0bebed4a
commit 361ce5cd8e
1 changed files with 4 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
api-server/server/middlewares/jwt-authorization.js
View File

@ -8,17 +8,15 @@ import { wrapHandledError } from '../utils/create-handled-error';
// We need to tunnel through a proxy path set up within // We need to tunnel through a proxy path set up within
// the gatsby app, at this time, that path is /internal // the gatsby app, at this time, that path is /internal
const whiteListRE = new RegExp([ export const apiProxyRE = /^\/internal\/|^\/external\//;
'^/internal/n/', export const newsShortLinksRE = /^\/internal\/n\/|^\/internal\/p\?/;
'^/internal/p\??'
].join('|'));
export default () => function authorizeByJWT(req, res, next) { export default () => function authorizeByJWT(req, res, next) {
const path = req.path.split('/')[1]; if (apiProxyRE.test(req.path) && !newsShortLinksRE.test(req.path)) {
if (/^external$|^internal$/.test(path) && !whiteListRE.test(req.path)) {
const cookie = req.signedCookies && req.signedCookies['jwt_access_token'] || const cookie = req.signedCookies && req.signedCookies['jwt_access_token'] ||
req.cookie && req.cookie['jwt_access_token']; req.cookie && req.cookie['jwt_access_token'];
if (!cookie) { if (!cookie) {
throw wrapHandledError( throw wrapHandledError(
new Error('Access token is required for this request'), new Error('Access token is required for this request'),