apunkt/gomcp
1
0
Fork 0
mirror of https://github.com/syntrex-lab/gomcp.git synced 2026-04-25 04:16:22 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix: add /api/v1/scan to JWT public paths (demo scanner bypass auth)

Browse source
This commit is contained in:
DmitrL-dev 2026-03-23 20:32:11 +10:00
parent b958ed07bd
commit a120aa2750
1 changed files with 7 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

7
internal/infrastructure/auth/middleware.go
View file

@ -24,8 +24,15 @@ func NewJWTMiddleware(secret []byte) *JWTMiddleware {
secret: secret,
PublicPaths: map[string]bool{
"/health": true,
"/healthz": true,
"/readyz": true,
"/metrics": true,
"/api/auth/login": true,
"/api/auth/refresh": true,
"/api/auth/register": true,
"/api/auth/verify": true,
"/api/auth/plans": true,
"/api/v1/scan": true, // public demo scanner
"/api/soc/events/stream": true, // SSE uses query param auth
"/api/soc/stream": true, // SSE live feed (EventSource can't send headers)
"/api/soc/ws": true, // WebSocket-style SSE push