fix: Fix local-auth for api /connect/:devid

Signed-off-by: Jianhui Zhao <[email protected]>
zhaojh329 · Dec 13, 2024 · 0e1fdf1 · 0e1fdf1
1 parent 41d902d
commit 0e1fdf1
Showing 1 changed file with 6 additions and 2 deletions.
diff --git a/api.go b/api.go
@@ -159,6 +159,10 @@ func apiStart(br *broker) {
 		isConnect := false
 		devid := ""
 
+		if !cfg.LocalAuth && isLocalRequest(c) {
+			return
+		}
+
 		if strings.HasPrefix(c.Request.URL.Path, "/connect/") {
 			devid = c.Param("devid")
 			if devid == "" {
@@ -340,9 +344,9 @@ func apiStart(br *broker) {
 
 	r.GET("/authorized/:devid", func(c *gin.Context) {
 		devid := c.Param("devid")
-		authorized := false
+		authorized := !cfg.LocalAuth && isLocalRequest(c)
 
-		if devInWhiteList(devid, cfg) {
+		if !authorized && devInWhiteList(devid, cfg) {
 			authorized = true
 		}