mirror/Plan
2
0
Fork 0
mirror of https://github.com/plan-player-analytics/Plan.git synced 2025-01-24 16:14:26 +08:00
Code Issues Packages Projects Releases Wiki Activity

Changed auth check order

Browse Source 
Fixes an issue where authentication is not required but is present
anyway, leading to WebAuthFailException when trying to get
web user for authentication headers coming from a reverse-proxy.

Affects issues:
- #1215
This commit is contained in:
Rsl1122 2019-11-08 12:13:15 +02:00
parent cafcb61cf5
commit f17470ee6c
1 changed files with 1 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
Plan/common/src/main/java/com/djrapitops/plan/delivery/webserver/ResponseHandler.java
View File

@ -139,8 +139,7 @@ public class ResponseHandler extends TreePageHandler {
if (pageHandler == null) {
return responseFactory.pageNotFound404();
} else {
boolean isAuthorized = authentication.isPresent() && pageHandler.isAuthorized(authentication.get(), target);
if (!isAuthRequired || isAuthorized) {
if (!isAuthRequired || pageHandler.isAuthorized(authentication.get(), target)) {
return pageHandler.getResponse(request, target);
}
return responseFactory.forbidden403();