From 9dbc29698f202aaf4b6c096a27529dbfcebcf30d Mon Sep 17 00:00:00 2001 From: Ludovic Vannoorenberghe Date: Mon, 7 Apr 2025 12:27:49 +0100 Subject: [PATCH 1/2] fix(auth): set organisation from job token when present --- backend/middleware/basic.go | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/backend/middleware/basic.go b/backend/middleware/basic.go index 53a8fa85..457d87fd 100644 --- a/backend/middleware/basic.go +++ b/backend/middleware/basic.go @@ -68,9 +68,10 @@ func HttpBasicApiAuth() gin.HandlerFunc { c.Abort() return } else { - setDefaultOrganisationId(c) + c.Set(ORGANISATION_ID_KEY, jobToken.OrganisationID) c.Set(ACCESS_LEVEL_KEY, jobToken.Type) c.Set(JOB_TOKEN_KEY, jobToken.Value) + slog.Debug("Job token verified", "organisationId", jobToken.OrganisationID, "accessLevel", jobToken.Type) } } else if token == os.Getenv("BEARER_AUTH_TOKEN") { slog.Debug("Using admin bearer token") From ad260ce1cb6731cf0a87a4cf0f83113b2f7ae446 Mon Sep 17 00:00:00 2001 From: Ludovic Vannoorenberghe Date: Mon, 7 Apr 2025 12:43:48 +0100 Subject: [PATCH 2/2] add c.Next() to continue middleware chain Co-authored-by: greptile-apps[bot] <165735046+greptile-apps[bot]@users.noreply.github.com> --- backend/middleware/basic.go | 1 + 1 file changed, 1 insertion(+) diff --git a/backend/middleware/basic.go b/backend/middleware/basic.go index 457d87fd..a5c69554 100644 --- a/backend/middleware/basic.go +++ b/backend/middleware/basic.go @@ -72,6 +72,7 @@ func HttpBasicApiAuth() gin.HandlerFunc { c.Set(ACCESS_LEVEL_KEY, jobToken.Type) c.Set(JOB_TOKEN_KEY, jobToken.Value) slog.Debug("Job token verified", "organisationId", jobToken.OrganisationID, "accessLevel", jobToken.Type) + c.Next() } } else if token == os.Getenv("BEARER_AUTH_TOKEN") { slog.Debug("Using admin bearer token")