Class: BetterAuth::Middleware::OriginCheck

Inherits:

Object

Object
BetterAuth::Middleware::OriginCheck

show all

Defined in:: lib/better_auth/middleware/origin_check.rb

Constant Summary collapse

DEPRECATION_WARNING =

"[Deprecation] disableOriginCheck: true currently also disables CSRF checks. In a future version, disableOriginCheck will ONLY disable URL validation. To keep CSRF disabled, add disableCSRFCheck: true to your config."

Instance Method Summary collapse

#call(endpoint_context) ⇒ Object
#initialize ⇒ OriginCheck constructor

A new instance of OriginCheck.

Constructor Details

#initialize ⇒ `OriginCheck`

Returns a new instance of OriginCheck.



8
9
10

# File 'lib/better_auth/middleware/origin_check.rb', line 8

def initialize
  @warned_backward_compat = false
end

Instance Method Details

#call(endpoint_context) ⇒ `Object`

# File 'lib/better_auth/middleware/origin_check.rb', line 12

def call(endpoint_context)
  return if %w[GET OPTIONS HEAD].include?(endpoint_context.method)

  validate_origin(endpoint_context)
  validate_fetch_metadata(endpoint_context)
  return if skip_origin_check?(endpoint_context)

  validate_callback_urls(endpoint_context)
  nil
rescue APIError => error
  Endpoint::Result.new(response: error.to_h, status: error.status_code, headers: error.headers).to_rack_response
end

Class: BetterAuth::Middleware::OriginCheck

Constant Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize ⇒ OriginCheck

Instance Method Details

#call(endpoint_context) ⇒ Object

#initialize ⇒ `OriginCheck`

#call(endpoint_context) ⇒ `Object`