Open artipo opened 2 years ago
Hi, I was trying the new EndpointRouter routing and I think to have found a bug.
It occurs when you try to cover under jwt authentication a sub router. Code speak for itself.
let sub = router { get "/" (text "not secured") // accessible without authentication } let privateEndpoints = router { pipe_through (Auth.requireAuthentication JWT) forward "/sub" sub get "/" (text "secured") // NOT accessible without authentication } let appEndpoints = router { forward "/api" privateEndpoints get "/" (text "public") // accessible without authentication } let app = application { use_jwt_authentication "secret" "issuer" use_endpoint_router appEndpoints url "http://0.0.0.0:8085/" listen_local 8085 ignore }
I'm using .Net 5.0 via CLI. and Saturn 0.15.
I think it's a bug because if the old routers are used everything works correctly (route "/api/sub" becomes NOT accessible without authentication).
Here's a small project that includes the code above. jwt_auth.zip
Feel free to ask more info, thank you in advance.
Hi, I was trying the new EndpointRouter routing and I think to have found a bug.
It occurs when you try to cover under jwt authentication a sub router. Code speak for itself.
I'm using .Net 5.0 via CLI. and Saturn 0.15.
I think it's a bug because if the old routers are used everything works correctly (route "/api/sub" becomes NOT accessible without authentication).
Here's a small project that includes the code above. jwt_auth.zip
Feel free to ask more info, thank you in advance.