Merge pull request 'fix/headerauth-crash-missing-header' (#19 ) from fix/headerauth-crash-missing-header into master

Reviewed-on: #19
Merge branch 'master' into fix/headerauth-crash-missing-header
2023-10-11 00:58:54 -04:00 · 2023-10-11 00:56:48 -04:00 · 2023-10-10 22:54:28 -04:00 · 2023-10-10 01:35:45 -04:00 · 2023-10-10 01:34:55 -04:00 · 2023-10-10 00:49:29 -04:00
1 changed files with 4 additions and 0 deletions
--- a/app/Http/Middleware/HeaderAuth.php
+++ b/app/Http/Middleware/HeaderAuth.php
@ -15,6 +15,10 @@ class HeaderAuth
     */
    public function handle(Request $request, Closure $next): Response
    {
+        if (! $request->hasHeader('X-BOTAUTH')) {
+            return response()
+                ->json(["status" => false, "message" => "Unauthorized."], 401);
+        }
        if (!hash_equals(config('bot.header_auth'), $request->header('X-BOTAUTH'))) {
            return response('Unauthorized', 401);
        }
Author	SHA1	Message	Date
Benjamyn Love	84529c373d	Merge pull request 'fix/headerauth-crash-missing-header' (#19 ) from fix/headerauth-crash-missing-header into master Reviewed-on: #19	2023-10-11 00:58:54 -04:00
Benjamyn Love	b03ad75e9e	Merge branch 'master' into fix/headerauth-crash-missing-header	2023-10-11 00:56:48 -04:00
ben	7bf42dcc47	Updated the header check	2023-10-10 22:54:28 -04:00
ben	7a8b0fdf10	empty instead of is_null	2023-10-10 01:35:45 -04:00
ben	8519764f8f	Merge branch 'feat/user-reg-api' into fix/headerauth-crash-missing-header	2023-10-10 01:34:55 -04:00
ben	8021b9e3e2	Fixed crash on missing header	2023-10-10 00:49:29 -04:00