Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(auth): fix anonymous auth for ui #1662

Merged
merged 1 commit into from
Jul 29, 2023
Merged

fix(auth): fix anonymous auth for ui #1662

merged 1 commit into from
Jul 29, 2023

Conversation

andaaron
Copy link
Contributor

The ui sends the header X-ZOT-API-CLIENT=zot-ui regardless of session authentication status. In case of new sessions zot would reject the unauthenticated call on /v2 (which is used to determine if anonymous access is allowed by the server when the header was set) expecting all users sending this header to be already authenticated.

Since the ui received 401 from the server, it would not show the option for anonymous login.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@andaaron
fix(auth): fix anonymous auth for ui
bc7fdd5 
The ui sends the header X-ZOT-API-CLIENT=zot-ui regardless of session authentication status.
In case of new sessions zot would reject the unauthenticated call on /v2 (which is used to determine
if anonymous access is allowed by the server when the header was set) expecting all users sending
this header to be already authenticated.

Since the ui received 401 from the server, it would not show the option for anonymous login.

Signed-off-by: Andrei Aaron <[email protected]>
@codecov
Copy link

codecov bot commented Jul 29, 2023

Codecov Report

Merging #1662 (bc7fdd5) into main (a5c92bc) will increase coverage by 0.00%.
The diff coverage is 100.00%.

@@           Coverage Diff           @@
##             main    #1662   +/-   ##
=======================================
  Coverage   91.36%   91.37%           
=======================================
  Files         121      121           
  Lines       26174    26184   +10     
=======================================
+ Hits        23915    23925   +10     
  Misses       1686     1686           
  Partials      573      573
Files Changed Coverage Δ
pkg/api/authn.go 94.40% <100.00%> (+0.09%) ⬆️

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

rchincha
rchincha approved these changes Jul 29, 2023
View reviewed changes
Copy link
Contributor

@rchincha rchincha left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@rchincha rchincha merged commit cb1b7ae into project-zot:main Jul 29, 2023
25 checks passed
@andaaron andaaron self-assigned this Aug 1, 2023
@andaaron andaaron mentioned this pull request Aug 2, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rchincha rchincha rchincha approved these changes

@eusebiu-constantin-petu-dbk eusebiu-constantin-petu-dbk Awaiting requested review from eusebiu-constantin-petu-dbk

Assignees

@andaaron andaaron

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@andaaron @rchincha