Skip to content

Commit

Permalink
feat: PUT/DELETE requests do not need basic auth
Browse files Browse the repository at this point in the history
  • Loading branch information
@SharzyL
SharzyL committed Apr 12, 2024
1 parent f64741b commit 2a7b35d
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 4 deletions.
2 changes: 1 addition & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ user1 = "passwd1"
user2 = "passwd2"
```

Now every access to PUT or POST request, and every access to the index page, requires an HTTP basic auth with the user-password pair listed above. For example:
Now every access to POST request, and every access to static pages, requires an HTTP basic auth with the user-password pair listed above. For example:

```shell
$ curl example-pb.com
Expand Down
8 changes: 5 additions & 3 deletions src/index.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,9 +61,11 @@ async function handleNormalRequest(request, env, ctx) {
}

async function handlePostOrPut(request, env, ctx, isPut) {
const authResponse = verifyAuth(request, env)
if (authResponse !== null) {
return authResponse
if (!isPut) { // only POST requires auth, since PUT request already contains auth
const authResponse = verifyAuth(request, env)
if (authResponse !== null) {
return authResponse
}
}

const contentType = request.headers.get("content-type") || ""
Expand Down

0 comments on commit 2a7b35d

Please sign in to comment.