diff --git a/Falcon.SugarApi/Swagger/SwaggerBasicAuthMiddleware.cs b/Falcon.SugarApi/Swagger/SwaggerBasicAuthMiddleware.cs
index a2797fb..ae23755 100644
--- a/Falcon.SugarApi/Swagger/SwaggerBasicAuthMiddleware.cs
+++ b/Falcon.SugarApi/Swagger/SwaggerBasicAuthMiddleware.cs
@@ -1,7 +1,6 @@
using Microsoft.AspNetCore.Http;
using System;
using System.Collections.Generic;
-using System.Linq;
using System.Net;
using System.Net.Http.Headers;
using System.Text;
@@ -11,6 +10,7 @@ namespace Falcon.SugarApi.Swagger
{
///
/// Swagger接口基础认证
+ /// 安全认证只对swagger接口页面进行保护
///
public class SwaggerBasicAuthMiddleware
{
@@ -47,12 +47,15 @@ namespace Falcon.SugarApi.Swagger
await ToNext(context);
return;
}
+ var protectPaths = new List { };
var pf = this.Options.Prefix.StartsWith("/") ? this.Options.Prefix : "/" + this.Options.Prefix;
- if(!context.Request.Path.StartsWithSegments(pf)) {
+ protectPaths.Add(pf);
+ protectPaths.Add(pf + "/index.html");
+ if(!protectPaths.Contains(context.Request.Path)) {
await ToNext(context);
return;
}
- string authHeader = context.Request.Headers["Authorization"];
+ string? authHeader = context.Request.Headers["Authorization"];
if(authHeader == null || !authHeader.StartsWith("Basic ")) {
needAuth(context);
return;