Authentication: allow - in webhook token

This commit is contained in:
Rory&
2026-06-16 17:59:23 +02:00
parent fa4ca953b8
commit 9bb2c437cf
5 changed files with 5 additions and 5 deletions
+1 -1
View File
@@ -34,7 +34,7 @@ export const NO_AUTHORIZATION_ROUTES = [
"POST /auth/fingerprint",
"GET /invites/",
// Routes with a seperate auth system
/^(POST|HEAD|GET|PATCH|DELETE) \/webhooks\/\d+\/\w+\/?/, // no token requires auth
/^(POST|HEAD|GET|PATCH|DELETE) \/webhooks\/\d+\/[\w-]+\/?/, // no token requires auth
/^POST \/interactions\/\d+\/[A-Za-z0-9_-]+\/callback/,
// Public information endpoints
"GET /ping",
-1
View File
@@ -16,7 +16,6 @@
along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
export * from "./utility/Base64";
export * from "./utility/ipAddress";
export * from "./handlers/Message";
export * from "./utility/passwordStrength";
+3 -3
View File
@@ -18,9 +18,8 @@
import { Request } from "express";
import { SPECIAL_CHAR } from "@spacebar/util/util/Regex";
import { Random } from "@spacebar/extensions/Random";
import { ntob } from "@spacebar/api";
import { FieldErrors } from "@spacebar/util";
import { Random, ntob } from "@spacebar/extensions";
import { FieldErrors } from "@spacebar/util/util/FieldError";
export function trimSpecial(str?: string): string {
if (!str) return "";
@@ -49,6 +48,7 @@ export function stringGlobToRegexp(str: string, flags?: string): RegExp {
return new RegExp(escaped, flags);
}
// TODO: use exception type
export function stringCheckLength(str: string, min: number, max: number, key: string, req: Request) {
if (str.length < min || str.length > max) {
throw FieldErrors({
+1
View File
@@ -17,6 +17,7 @@
*/
export * from "./Array";
export * from "./Base64";
export * from "./DateBuilder";
export * from "./ElapsedTime";
export * from "./Math";