fix: give login a dedicated authMiddleware instance

This commit is contained in:
Derrick Hammer 2024-03-13 17:35:26 -04:00
parent 4f891e067c
commit 749a932663
Signed by: pcfreak30
GPG Key ID: C997C339BE476FF2
1 changed files with 8 additions and 1 deletions

View File

@ -276,6 +276,13 @@ func (a AccountAPI) Routes() (*httprouter.Router, error) {
Accounts: a.accounts,
Config: a.config,
Purpose: account.JWTPurpose2FA,
})
loginAuthMw2fa := authMiddleware(middleware.AuthMiddlewareOptions{
Identity: a.identity,
Accounts: a.accounts,
Config: a.config,
Purpose: account.JWTPurpose2FA,
EmptyAllowed: true,
})
@ -288,7 +295,7 @@ func (a AccountAPI) Routes() (*httprouter.Router, error) {
routes := map[string]jape.Handler{
"POST /api/auth/ping": middleware.ApplyMiddlewares(a.ping, authMw2fa, middleware.ProxyMiddleware),
"POST /api/auth/login": middleware.ApplyMiddlewares(a.login, authMw2fa, middleware.ProxyMiddleware),
"POST /api/auth/login": middleware.ApplyMiddlewares(a.login, loginAuthMw2fa, middleware.ProxyMiddleware),
"POST /api/auth/register": middleware.ApplyMiddlewares(a.register, middleware.ProxyMiddleware),
"POST /api/auth/verify-email": middleware.ApplyMiddlewares(a.verifyEmail, middleware.ProxyMiddleware),
"GET /api/auth/otp/generate": middleware.ApplyMiddlewares(a.otpGenerate, authMw, middleware.ProxyMiddleware),