fix(api): return 404 response when using a token and the route does not exist

(cherry picked from commit fde1763eefc998c45d0a1ce6e1be20df6a23e18a)
2024-08-29 10:12:20 +02:00
parent c85da01294
commit a253f76060
2 changed files with 23 additions and 0 deletions
--- a/pkg/routes/api_tokens.go
+++ b/pkg/routes/api_tokens.go
@ -41,6 +41,13 @@ func SetupTokenMiddleware() echo.MiddlewareFunc {

 			for _, s := range authHeader {
 				if strings.HasPrefix(s, "Bearer "+models.APITokenPrefix) {
+					// If the route does not exist, skip the current handling and let the rest of echo's logic handle it
+					findCtx := c.Echo().NewContext(c.Request(), c.Response())
+					c.Echo().Router().Find(c.Request().Method, echo.GetPath(c.Request()), findCtx)
+					if findCtx.Path() == "/api/v1/*" {
+						return true
+					}
+
 					err := checkAPITokenAndPutItInContext(s, c)
 					return err == nil
 				}