MCPcopy
hub / github.com/mudler/LocalAI / isExemptPath

Function isExemptPath

core/http/auth/middleware.go:550–575  ·  view source on GitHub ↗

isExemptPath returns true if the path should skip authentication.

(path string, appConfig *config.ApplicationConfig)

Source from the content-addressed store, hash-verified

548
549// isExemptPath returns true if the path should skip authentication.
550func isExemptPath(path string, appConfig *config.ApplicationConfig) bool {
551 // Auth endpoints are always public
552 if strings.HasPrefix(path, "/api/auth/") {
553 return true
554 }
555
556 // Node self-service endpoints — authenticated via registration token, not global auth.
557 // Only exempt the specific known endpoints, not the entire prefix.
558 if strings.HasPrefix(path, "/api/node/") {
559 if path == "/api/node/register" ||
560 strings.HasSuffix(path, "/heartbeat") ||
561 strings.HasSuffix(path, "/drain") ||
562 strings.HasSuffix(path, "/deregister") {
563 return true
564 }
565 }
566
567 // Check configured exempt paths
568 for _, p := range appConfig.PathWithoutAuth {
569 if strings.HasPrefix(path, p) {
570 return true
571 }
572 }
573
574 return false
575}
576
577// isAPIPath returns true for paths that always require authentication.
578func isAPIPath(path string) bool {

Callers 1

MiddlewareFunction · 0.85

Calls

no outgoing calls

Tested by

no test coverage detected