Files
wehub-resource-sync e115934061
Publish `@librechat/data-schemas` to NPM / pack (push) Failing after 8s
Publish `@librechat/data-schemas` to NPM / publish-npm (push) Waiting to run
Publish `@librechat/client` to NPM / pack (push) Failing after 0s
GitNexus Index / index (push) Failing after 1s
Sync Locize Translations & Create Translation PR / Create Translation PR on Version Published (push) Has been skipped
Sync Helm Chart Tags / Sync chart tags (push) Failing after 2s
Publish `librechat-data-provider` to NPM / pack (push) Failing after 1s
Publish `@librechat/client` to NPM / publish-npm (push) Waiting to run
Publish `librechat-data-provider` to NPM / publish-npm (push) Waiting to run
Docker Dev Images Build / build (Dockerfile, librechat-dev, node) (push) Failing after 1s
Docker Dev Images Build / build (Dockerfile.multi, librechat-dev-api, api-build) (push) Failing after 0s
Sync Helm Chart Tags / Ignore non-main push (push) Has been skipped
Sync Locize Translations & Create Translation PR / Sync Translation Keys with Locize (push) Failing after 1s
GitNexus Index / post-index (push) Waiting to run
chore: import upstream snapshot with attribution
2026-07-13 12:08:12 +08:00

36 lines
1.2 KiB
JavaScript

const cookies = require('cookie');
const passport = require('passport');
const { isEnabled, tenantContextMiddleware } = require('@librechat/api');
const hasPassportStrategy = (strategy) =>
typeof passport._strategy === 'function' && passport._strategy(strategy) != null;
// This middleware does not require authentication,
// but if the user is authenticated, it will set the user object
// and establish tenant ALS context.
const optionalJwtAuth = (req, res, next) => {
const cookieHeader = req.headers.cookie;
const tokenProvider = cookieHeader ? cookies.parse(cookieHeader).token_provider : null;
const useOpenIdJwt =
tokenProvider === 'openid' &&
isEnabled(process.env.OPENID_REUSE_TOKENS) &&
hasPassportStrategy('openidJwt');
const callback = (err, user) => {
if (err) {
return next(err);
}
if (user) {
req.user = user;
req.authStrategy = useOpenIdJwt ? 'openidJwt' : 'jwt';
return tenantContextMiddleware(req, res, next);
}
next();
};
if (useOpenIdJwt) {
return passport.authenticate('openidJwt', { session: false }, callback)(req, res, next);
}
passport.authenticate('jwt', { session: false }, callback)(req, res, next);
};
module.exports = optionalJwtAuth;