diff --git a/src/authentication/protected-routes.handler.ts b/src/authentication/protected-routes.handler.ts
index 4be2ec7..23f820f 100644
--- a/src/authentication/protected-routes.handler.ts
+++ b/src/authentication/protected-routes.handler.ts
@@ -43,19 +43,21 @@ export const isAdminRoute = (url: string, adminRootPath: string): boolean => {
 .map((route) => convertToExpressRoute(route.path))
 .filter((route) => route !== "");
 
- let urlWithoutRootPath = url;
- if (adminRootPath !== '/') {
- urlWithoutRootPath = url.replace(adminRootPath, '');
- if (!urlWithoutRootPath.startsWith('/')) {
- urlWithoutRootPath = `/${urlWithoutRootPath}`
+ let urlWithoutAdminRootPath = url;
+ if (adminRootPath !== "/") {
+ urlWithoutAdminRootPath = url.replace(adminRootPath, "");
+ if (!urlWithoutAdminRootPath.startsWith("/")) {
+ urlWithoutAdminRootPath = `/${urlWithoutAdminRootPath}`;
 }
 }
 
- const isAdminRootUrl = url === adminRootPath || urlWithoutRootPath === '/';
+ const isAdminRootUrl = url === adminRootPath;
 
 return (
 isAdminRootUrl ||
- !!adminRoutes.find((route) => pathToRegexp(route).test(urlWithoutRootPath))
+ !!adminRoutes.find((route) =>
+ pathToRegexp(route).test(urlWithoutAdminRootPath)
+ )
 );
 };
 
diff --git a/test/protected-routes.test.ts b/test/protected-routes.test.ts
index b379114..bdacd84 100644
--- a/test/protected-routes.test.ts
+++ b/test/protected-routes.test.ts
@@ -56,8 +56,12 @@ describe("Protected routes", () => {
 });
 });
 
- it("should detect non-admin routes", () => {
+ it("should detect non-admin routes when root path is /", () => {
 expect(isAdminRoute("/api/my-endpoint", "/")).toBeFalsy();
 });
+
+ it("should detect non-admin routes when root path is not /", () => {
+ expect(isAdminRoute("/admin/api/my-endpoint", "/admin")).toBeFalsy();
+ });
 });
 });
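Review bot: `url.replace(adminRootPath, "")` removes the first occurrence of the root anywhere in the URL rather than a leading prefix, so a URL that is not under the admin root at all is still rewritten and matched against the admin routes. This predicate lives in the authentication module and presumably decides which requests require a session, so its answer should follow the path the router actually sees; I would strip the root only as a prefix and return false for anything outside it. Separately, now that `urlWithoutAdminRootPath === "/"` is gone, the trailing-slash form of the root is classified only by the route regexes, and if the router also serves the admin root at that URL it would be reported as non-admin, which is the unsafe direction for this check. The function begins above the hunk, so how `adminRoutes` is built is not visible here.

```typescript
  // Only a URL equal to the admin root, or below it, can be an admin route.
  const isUnderAdminRoot =
    adminRootPath === "/" ||
    url === adminRootPath ||
    url.startsWith(`${adminRootPath}/`);
  if (!isUnderAdminRoot) {
    return false;
  }

  // Strip the root as a leading prefix only; "/" stands for the root itself.
  const urlWithoutAdminRootPath =
    adminRootPath === "/" ? url : url.slice(adminRootPath.length) || "/";

  // … unchanged: isAdminRootUrl and the pathToRegexp match …
```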
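Review bot: The added case does not appear to exercise what the handler change alters: with root `/admin`, `/admin/api/my-endpoint` strips to `/api/my-endpoint`, which was never equal to `/`, so this assertion would presumably have passed before the commit too. The inputs whose classification changes are the ones that strip to `/`, so I would add `expect(isAdminRoute("/", "/admin")).toBeFalsy();` plus an explicit expectation for `isAdminRoute("/admin/", "/admin")`, whichever answer is intended. Since this predicate appears to decide which URLs are protected, pinning those boundary inputs keeps a later refactor from silently changing that set. The enclosing `describe` blocks open above the hunk.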