Skip to content

frontend: Return StatusUnauthorized for anonymous requests to raw endpoint

Warren Gifford requested to merge core/raw-api-auth into master

Created by: keegancsmith

Raw endpoint should be an API endpoint, but lives under the UI for auth in browser reasons. However, given extensions interact with it we want it to return API like status codes when a user is not logged in.

This adds special casing in our RequireAuthMiddleware for the raw route. This is done in a similiar fashion as our anonymous access routes, except it just affects the HTTP status code returned.

Fixes https://github.com/sourcegraph/sourcegraph/issues/1248

Merge request reports

Loading