This repository has been archived by the owner on Sep 11, 2024. It is now read-only.
How do you allow only some get routes to have auth #230
Comments
|
Something like this should work. $app->add(new Tuupola\Middleware\JwtAuthentication([
"rules" => [
new Tuupola\Middleware\JwtAuthentication\RequestPathRule([
"path" => ["/projectData"],
"ignore" => []
]),
new Tuupola\Middleware\JwtAuthentication\RequestMethodRule([
"ignore" => ["OPTIONS", "GET"]
])
]
])) |
|
This worked perfectly! Although a quick follow-up question. How would I allow some GET routes to have auth on them? I tried to put the route in the path, like so: $app->add(new Tuupola\Middleware\JwtAuthentication([
"rules" => [
new Tuupola\Middleware\JwtAuthentication\RequestPathRule([
"path" => ["/projectData", "/user/getUserInfo"],
"ignore" => []
]),
new Tuupola\Middleware\JwtAuthentication\RequestMethodRule([
"ignore" => ["OPTIONS", "GET"]
])
]
]))This however didn't work and it didn't require auth for the get route of |
rodude123
changed the title
|
In your config you are ignoring all $app->add(new JwtAuthentication([
"path" => ["/api", "/admin"]
]));Now any path starting with /* Add to single route */
$app->get("/", function () { ... })->add(new JwtAuthentication());
/* Add to route group */
$app->group("/", function () { ... })->add(new JwtAuthentication()); |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I'm making an API where some data is publicly available for my site and some need auth. I know I can add this,
This allows all GET methods to have no auth on them. so is there a way to specify
/projectDataas a GET route that has no auth but/projetDataas a POST, PUT, PATCH, DELETE routes have auth on themThe text was updated successfully, but these errors were encountered: