From 0729d0dea37114641c71ad554f28d2e81e85943d Mon Sep 17 00:00:00 2001
From: chungyau97 <chungyau97@gmail.com>
Date: Fri, 30 Jun 2023 09:18:32 +0800
Subject: [PATCH] modify whitelistURLs

---
 packages/server/src/index.ts | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/packages/server/src/index.ts b/packages/server/src/index.ts
index 3e729464b..0b39f73b0 100644
--- a/packages/server/src/index.ts
+++ b/packages/server/src/index.ts
@@ -93,7 +93,13 @@ export class App {
             const basicAuthMiddleware = basicAuth({
                 users: { [username]: password }
             })
-            const whitelistURLs = ['/api/v1/prediction/', '/api/v1/node-icon/', '/api/v1/chatflows-streaming']
+            const whitelistURLs = [
+                '/api/v1/verify/apikey/',
+                '/api/v1/chatflows/apikey/',
+                '/api/v1/prediction/',
+                '/api/v1/node-icon/',
+                '/api/v1/chatflows-streaming'
+            ]
             this.app.use((req, res, next) => {
                 if (req.url.includes('/api/v1/')) {
                     whitelistURLs.some((url) => req.url.includes(url)) ? next() : basicAuthMiddleware(req, res, next)
@@ -492,7 +498,7 @@ export class App {
         })
 
         // Verify api key
-        this.app.get('/api/v1/apikey/:apiKey', async (req: Request, res: Response) => {
+        this.app.get('/api/v1/verify/apikey/:apiKey', async (req: Request, res: Response) => {
             try {
                 const apiKey = await getApiKey(req.params.apiKey)
                 if (!apiKey) return res.status(401).send('Unauthorized')