fix: correct authentication logic to be optional when no secret set

Co-Authored-By: Han Xiao <[email protected]>
jina-ai · Feb 9, 2025 · 1d8999f · 1d8999f
1 parent f1e41e7
commit 1d8999f
Showing 1 changed file with 5 additions and 7 deletions.
diff --git a/src/server.ts b/src/server.ts
@@ -39,13 +39,11 @@ interface QueryRequest extends Request {
 // OpenAI-compatible chat completions endpoint
 app.post('/v1/chat/completions', (async (req: Request, res: Response) => {
   // Check authentication only if secret is set
-  if (secret) {
-    const authHeader = req.headers.authorization;
-    if (!authHeader || !authHeader.startsWith('Bearer ') || authHeader.split(' ')[1] !== secret) {
-      console.log('[chat/completions] Unauthorized request');
-      res.status(401).json({ error: 'Unauthorized' });
-      return;
-    }
+  const authHeader = req.headers.authorization;
+  if (secret && (!authHeader || !authHeader.startsWith('Bearer ') || authHeader.split(' ')[1] !== secret)) {
+    console.log('[chat/completions] Unauthorized request');
+    res.status(401).json({ error: 'Unauthorized' });
+    return;
   }
 
   // Log request details (excluding sensitive data)