adrien2p / medusa-extender

:syringe: Medusa on steroid, take your medusa project to the next level with some badass features :rocket:
https://adrien2p.github.io/medusa-extender/
MIT License
320 stars 40 forks source link

[BUG] store routes requiredAuth does not work. #155

Closed dwene closed 1 year ago

dwene commented 1 year ago

Describe the bug A clear and concise description of what the bug is.

Using requiredAuth on the store routes doesn't seem to work anymore.

To Reproduce Steps to reproduce the behavior:

  1. create a /store/anything route using Medusa Extender
  2. set the requiredAuth property to true.
  3. Try to call the route unauthenticated, and notice it doesn't throw an error.

Expected behavior It should return an Unauthorized response code.

Screenshots If applicable, add screenshots to help explain your problem.

Package version:

Additional context Add any other context about the problem here.

adrien2p commented 1 year ago

It has always been the case, the store auth middleware does not enforce the customer to be authenticated and lake it optional for most if the routes. I ve already answered the same type of issues. The requireAuth will only affect when the route will be registered, before or after the auth middleware in the core. To enforce it on the store route, you have to apply the https://github.com/medusajs/medusa/blob/master/packages/medusa/src/api/middlewares/require-customer-authentication.ts

On the other hand, I understand that I should change that. I ll create a pr to address that very soon 💪

adrien2p commented 1 year ago

for reference https://github.com/adrien2p/medusa-extender/pull/156

adrien2p commented 1 year ago

available in the next relrease