appflare 0.0.21 → 0.0.23
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/server/auth.ts +21 -10
package/package.json
CHANGED
package/server/auth.ts
CHANGED
|
@@ -47,26 +47,37 @@ export function initBetterAuth<Options extends BetterAuthOptions>(
|
|
|
47
47
|
database: mongodbAdapter(getDatabase((env as any).MONGO_DB) as any),
|
|
48
48
|
});
|
|
49
49
|
}
|
|
50
|
-
|
|
51
50
|
export const getHeaders = (headers: Headers) => {
|
|
52
51
|
const newHeaders = Object.fromEntries(headers as any);
|
|
53
52
|
const headerObject: Record<string, any> = {};
|
|
53
|
+
let hasCookie = false;
|
|
54
|
+
|
|
55
|
+
for (const key in newHeaders) {
|
|
56
|
+
if (key.toLowerCase() === "cookie") {
|
|
57
|
+
hasCookie = true;
|
|
58
|
+
break;
|
|
59
|
+
}
|
|
60
|
+
}
|
|
61
|
+
|
|
54
62
|
for (const key in newHeaders) {
|
|
55
63
|
const isAuthorization =
|
|
56
|
-
key.toLowerCase() === "authorization" &&
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
}
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
64
|
+
key.toLowerCase() === "authorization" &&
|
|
65
|
+
newHeaders[key]?.includes("Bearer");
|
|
66
|
+
|
|
67
|
+
if (hasCookie && key.toLowerCase() === "authorization") {
|
|
68
|
+
continue;
|
|
69
|
+
}
|
|
70
|
+
|
|
71
|
+
if (key.toLowerCase() === "authorization" && !isAuthorization) {
|
|
72
|
+
continue;
|
|
65
73
|
}
|
|
74
|
+
|
|
75
|
+
headerObject[key] = newHeaders[key];
|
|
66
76
|
}
|
|
67
77
|
|
|
68
78
|
return headerObject as any as Headers;
|
|
69
79
|
};
|
|
80
|
+
|
|
70
81
|
export const getSanitizedRequest = (req: Request) => {
|
|
71
82
|
const newRequest = new Request(req, {
|
|
72
83
|
headers: getHeaders(req.headers),
|