Skip to content

Commit

Permalink
Allow /api/ routes without WebAuthentication (#2455)
Browse files Browse the repository at this point in the history
  • Loading branch information
@vincentgna
vincentgna authored Sep 8, 2022
1 parent b3b1107 commit 99e1f10
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion server/middleware.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ package server

import (
"net/http"
"strings"

"github.com/runatlantis/atlantis/server/logging"
"github.com/urfave/negroni"
Expand Down Expand Up @@ -46,7 +47,8 @@ func (l *RequestLogger) ServeHTTP(rw http.ResponseWriter, r *http.Request, next
if !l.WebAuthentication ||
r.URL.Path == "/events" ||
r.URL.Path == "/healthz" ||
r.URL.Path == "/status" {
r.URL.Path == "/status" ||
strings.HasPrefix(r.URL.Path, "/api/") {
allowed = true
} else {
user, pass, ok := r.BasicAuth()
Expand Down

0 comments on commit 99e1f10

Please sign in to comment.