Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: don't assume user is trusted when force_logins is turned off #1318

Merged
merged 3 commits into from
Jan 22, 2024

Conversation

matmen
Copy link
Member

@matmen matmen commented Jan 21, 2024

Fixes #1317.

I've tested theme loading and couldn't reproduce the issue described in #1065, so I don't think there's any side effects. Not sure why the !forceLogins check was required in the first place in e5d177c, @pedrolamas any chance you remember?

edit: Looks like it was there to prevent unnecessary oneshot token requests, but I think the _TRUSTED_USER_ check should handle all of that

Signed-off-by: Mathis Mensing <github@matmen.dev>
@matmen matmen added the GH - Bug Something isn't working label Jan 21, 2024
@matmen matmen added this to the 1.27.2 milestone Jan 21, 2024
@pedrolamas
Copy link
Member

I've tested theme loading and couldn't reproduce the issue described in #1065, so I don't think there's any side effects. Not sure why the !forceLogins check was required in the first place in e5d177c, @pedrolamas any chance you remember?

I think I just didn't think of the scenario we are talking here (unauthorized client) and thus assumed forced_logins needed to be true...

I've tested this PR and seems to work fine, so I think we are good to merge in.

@matmen matmen merged commit b413fc2 into fluidd-core:develop Jan 22, 2024
4 checks passed
@matmen matmen deleted the fix/file-token-creation branch January 22, 2024 13:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
GH - Bug Something isn't working
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Unable to download logs and config files when using auth/authz with moonraker
2 participants