fix: [code-2114] API redirecting to Login (#2245)

* fix: [code-2114] return Unauthorized for anonymous principal call to user api * fix: [code-2114] API redirecting to Login
2024-07-19 18:46:22 +00:00 · 2024-07-19 18:46:22 +00:00 · 3539266fb3
parent 0bbcc98b61
commit 3539266fb3
2 changed files with 3 additions and 3 deletions
--- a/app/api/middleware/principal/principal.go
+++ b/app/api/middleware/principal/principal.go
@ -45,8 +45,7 @@ func RestrictTo(pType enum.PrincipalType) func(http.Handler) http.Handler {
 			if p.UID == types.AnonymousPrincipalUID {
 				log.Ctx(ctx).Debug().Msgf("Valid principal is required, received an Anonymous.")

-				// TODO: revert to Unauthorized once UI is handling it properly.
-				render.NotFound(ctx, w)
+				render.Unauthorized(ctx, w)
 				return
 			}

--- a/web/src/AppContext.tsx
+++ b/web/src/AppContext.tsx
@ -79,7 +79,8 @@ export const AppContextProvider: React.FC<{ value: AppProps }> = React.memo(func
    // Fetch current user when conditions to fetch it matched and
    //  - cache does not exist yet
    //  - or cache is expired
-    if (!lazy && (!currentUser || cacheStrategy.isExpired())) {
+    //  - currentSession is not Public
+    if (!lazy && (!currentUser || cacheStrategy.isExpired()) && !initialValue.isCurrentSessionPublic) {
      fetchCurrentUser()
    }
  }, [lazy, fetchCurrentUser, currentUser])