rack-jwt icon indicating copy to clipboard operation
rack-jwt copied to clipboard

Published 20 hours ago verified publisher icon eparreno

Exclude auth for root path only

Open tadejm opened this issue 4 years ago • 3 comments

Hey @eparreno 👋

Merging this PR will allow a dev to exclude the root path ('/') without excluding all paths starting with a / from the JWT token auth check. This comes handy when we want to have a pretty landing/docs page mounted on / and an JWT auth API that serves from other paths, i.e. /users.

tadejm avatar Apr 29 '20 07:04 tadejm

I like and need this exact case.

Anything I can do to push this forward and help getting this merged?

For example, I could make it more generic using a regex instead of start_with()? e.g. |ex| env['PATH_INFO'].match?(ex) that would probably degrade performance and not be backwards compatible, but does give implementers more freedom.

Alternatively, a switch based on wether it is a string, or a regex:

        @exclude.any? { |ex|
          path = env['PATH_INFO']
          ex.is_a?(String) && path.start_with?(ex) || ex.is_a?(Regexp) && path.match?(ex)
       }

But then a tad more readable :)

berkes avatar Oct 28 '20 11:10 berkes

Anything we can do to help get this merged?

berkes avatar Nov 30 '21 19:11 berkes