GithubBackup/moemail
1
0
Fork 0
mirror of https://github.com/beilunyang/moemail.git synced 2026-06-22 07:43:47 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix(sharing): allowlist /api/shared in middleware

Browse Source 
Anonymous callers to the shared mailbox API got 401 because the
middleware matcher's broad page pattern catches /api paths but the
inner allowlist only carved out /api/auth. SSR rendered the mailbox
listing, but every client-side fetch (message detail, polling,
pagination) was rejected, so opening a shared mailbox showed the list
without being able to read any message body.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
This commit is contained in:
ty
2026-05-26 18:07:06 +08:00
parent faf68d0836
commit bf51e843ee
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
middleware.ts
View File

@@ -19,7 +19,10 @@ export async function middleware(request: Request) {
const pathname = url.pathname
if (pathname.startsWith('/api')) {
if (pathname.startsWith('/api/auth')) {
if (
pathname.startsWith('/api/auth') ||
pathname.startsWith('/api/shared')
) {
return NextResponse.next()
}