diff --git a/server/auth.js b/server/auth.js index 5cf96b6ff..106182ddc 100644 --- a/server/auth.js +++ b/server/auth.js @@ -155,25 +155,11 @@ exports.basicAuth = async function (req, res, next) { * @param {express.NextFunction} next Next handler in chain * @returns {void} */ -exports.apiAuth = async function (req, res, next) { - if (!await Settings.get("disableAuth")) { - let usingAPIKeys = await Settings.get("apiKeysEnabled"); - let middleware; - if (usingAPIKeys) { - middleware = basicAuth({ - authorizer: apiAuthorizer, - authorizeAsync: true, - challenge: true, - }); - } else { - middleware = basicAuth({ - authorizer: userAuthorizer, - authorizeAsync: true, - challenge: true, - }); - } - middleware(req, res, next); - } else { - next(); - } +exports.basicAuthMiddleware = async function (req, res, next) { + let middleware = basicAuth({ + authorizer: apiAuthorizer, + authorizeAsync: true, + challenge: true, + }); + middleware(req, res, next); }; diff --git a/server/server.js b/server/server.js index 12ebaee6f..3cb9f64a4 100644 --- a/server/server.js +++ b/server/server.js @@ -97,7 +97,7 @@ log.debug("server", "Importing Background Jobs"); const { initBackgroundJobs, stopBackgroundJobs } = require("./jobs"); const { loginRateLimiter, twoFaRateLimiter } = require("./rate-limiter"); -const { apiAuth } = require("./auth"); +const { basicAuthMiddleware } = require("./auth"); const { login } = require("./auth"); const passwordHash = require("./password-hash"); @@ -267,8 +267,8 @@ let needSetup = false; // Basic Auth Router here // Prometheus API metrics /metrics - // With Basic Auth using the first user's username/password - app.get("/metrics", apiAuth, prometheusAPIMetrics()); + // With Basic Auth using an API Key + app.get("/metrics", basicAuthMiddleware, prometheusAPIMetrics()); app.use("/", expressStaticGzip("dist", { enableBrotli: true,