feat: PUT/DELETE requests do not need basic auth

SharzyL · SharzyL · commit 2a7b35dfc9c4 · 2024-04-12T11:48:03.000+08:00
diff --git a/README.md b/README.md
@@ -57,7 +57,7 @@ user1 = "passwd1"
 user2 = "passwd2"
 ```
 
-Now every access to PUT or POST request, and every access to the index page, requires an HTTP basic auth with the user-password pair listed above. For example: 
+Now every access to POST request, and every access to static pages, requires an HTTP basic auth with the user-password pair listed above. For example:
 
 ```shell
 $ curl example-pb.com
diff --git a/src/index.js b/src/index.js
@@ -61,9 +61,11 @@ async function handleNormalRequest(request, env, ctx) {
 }
 
 async function handlePostOrPut(request, env, ctx, isPut) {
-  const authResponse = verifyAuth(request, env)
-  if (authResponse !== null) {
-    return authResponse
+  if (!isPut) {  // only POST requires auth, since PUT request already contains auth
+    const authResponse = verifyAuth(request, env)
+    if (authResponse !== null) {
+      return authResponse
+    }
   }
 
   const contentType = request.headers.get("content-type") || ""

Original file line number	Diff line number	Diff line change
`@@ -61,9 +61,11 @@ async function handleNormalRequest(request, env, ctx) {`
`61`	`61`	`}`
`62`	`62`
`63`	`63`	`async function handlePostOrPut(request, env, ctx, isPut) {`
`64`		`- const authResponse = verifyAuth(request, env)`
`65`		`- if (authResponse !== null) {`
`66`		`- return authResponse`
	`64`	`+ if (!isPut) { // only POST requires auth, since PUT request already contains auth`
	`65`	`+ const authResponse = verifyAuth(request, env)`
	`66`	`+ if (authResponse !== null) {`
	`67`	`+ return authResponse`
	`68`	`+ }`
`67`	`69`	`}`
`68`	`70`
`69`	`71`	`const contentType = request.headers.get("content-type") \|\| ""`