MCPcopy Index your code
hub / github.com/syncthing/syncthing / isNoAuthPath

Function isNoAuthPath

lib/api/api_auth.go:96–125  ·  view source on GitHub ↗
(path string, metricsWithoutAuth bool)

Source from the content-addressed store, hash-verified

94}
95
96func isNoAuthPath(path string, metricsWithoutAuth bool) bool {
97 // Local variable instead of module var to prevent accidental mutation
98 noAuthPaths := []string{
99 "/",
100 "/index.html",
101 "/modal.html",
102 "/rest/svc/lang", // Required to load language settings on login page
103 }
104
105 if metricsWithoutAuth {
106 noAuthPaths = append(noAuthPaths, "/metrics")
107 }
108
109 // Local variable instead of module var to prevent accidental mutation
110 noAuthPrefixes := []string{
111 // Static assets
112 "/assets/",
113 "/syncthing/",
114 "/vendor/",
115 "/theme-assets/", // This leaks information from config, but probably not sensitive
116
117 // No-auth API endpoints
118 "/rest/noauth",
119 }
120
121 return slices.Contains(noAuthPaths, path) ||
122 slices.ContainsFunc(noAuthPrefixes, func(prefix string) bool {
123 return strings.HasPrefix(path, prefix)
124 })
125}
126
127type basicAuthAndSessionMiddleware struct {
128 tokenCookieManager *tokenCookieManager

Callers 2

ServeHTTPMethod · 0.85
ServeHTTPMethod · 0.85

Calls 1

ContainsMethod · 0.80

Tested by

no test coverage detected