fix: Specify the bypassed urls properly, with method

2024-12-23 17:41:58 +01:00 · 2024-12-23 17:41:58 +01:00 · db4fc34fe7
parent 29f63d85c1
commit db4fc34fe7
1 changed files with 23 additions and 10 deletions
--- a/app/src/main/java/com/p_vacho/neat_calendar/api/AuthInterceptor.kt
+++ b/app/src/main/java/com/p_vacho/neat_calendar/api/AuthInterceptor.kt
@ -27,23 +27,36 @@ class AuthInterceptor(
    }

    companion object {
-        // List of URLs to bypass in the interceptor
-        private val bypassedUrls = listOf(
-            "/ping",
-            "/auth/login",
-            "/auth/refresh",
-            "/auth/logout"
+        // Map of HTTP methods to their respective paths to bypass
+        //
+        // These are either unauthorized endpoints (don't need auth)
+        // or endpoints which require a refresh token header, not access token
+        // (The refresh token is then passed as a param in the service func call)
+        private val bypassedUrls = mapOf(
+            "GET" to listOf(
+                "/ping",
+                "/session"
+            ),
+            "POST" to listOf(
+                "/auth/login",
+                "/auth/logout",
+                "/auth/refresh",
+                "/users",
+            )
        )
    }

    override fun intercept(chain: Interceptor.Chain): Response {
        val originalRequest = chain.request()
+        val method = originalRequest.method()
+        val path = originalRequest.url().encodedPath()

-        // Check if the request URL is in the bypass list
-        if (bypassedUrls.any { originalRequest.url().encodedPath() == it }) {
-            return chain.proceed(originalRequest)
+        // Check if the method-path combination is in the bypass list
+        bypassedUrls[method]?.let { paths ->
+            if (paths.contains(path)) {
+                return chain.proceed(originalRequest)
+            }
        }
-
        try {

            // No point in continuing if our refresh token expired, make the user to re-login