-
-
Notifications
You must be signed in to change notification settings - Fork 480
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
statamic.api.middleware does not allow performing custom authentication #10010
Labels
Comments
@rburgst you can use the middleware priority to control the order of execution. Adding this: protected $middlewarePriority = [
CheckApiKeyHeader::class,
\Statamic\API\Middleware\Cache::class,
]; Should fix your issue. Hope this helps. |
@mxaGianluca That does indeed work. Thanks. |
You're welcome. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Bug description
I created a middleware group
secure-api
that contains a middleware that checks for an api key in the request header.This works great until the response is cached. Once the response is cached, then the cached response will always be returned regardless of whether the request still has the api key header.
The reason for this is that the order of the middleware application is the wrong way round.
see
statamic.api.middleware
by first allowing the
Cache
to respond the cached response, my custom middlewares which are in thesecure-api
group never get the chance to do anything.How to reproduce
Http/Kernel.php
create a new middleware group.env
configure statamic REST api to use the given middleware groupLogs
No response
Environment
Installation
Fresh statamic/statamic site via CLI
Antlers Parser
None
Additional details
No response
The text was updated successfully, but these errors were encountered: