Fixing some issues with public endpoints causing logout loop.

packages/auth/src/middleware/authenticated.js

@@ -23,7 +23,8 @@ function buildNoAuthRegex(patterns) {
   })
 }
 
-function finalise(ctx, { authenticated, user, internal, version } = {}) {
+function finalise(ctx, { authenticated, user, internal, version, publicEndpoint } = {}) {
+  ctx.publicEndpoint = publicEndpoint || false
   ctx.isAuthenticated = authenticated || false
   ctx.user = user
   ctx.internal = internal || false
@@ -90,12 +91,12 @@ module.exports = (noAuthPatterns = [], opts) => {
         authenticated = false
       }
       // isAuthenticated is a function, so use a variable to be able to check authed state
-      finalise(ctx, { authenticated, user, internal, version })
+      finalise(ctx, { authenticated, user, internal, version, publicEndpoint })
       return next()
     } catch (err) {
       // allow configuring for public access
       if ((opts && opts.publicAllowed) || publicEndpoint) {
-        finalise(ctx, { authenticated: false, version })
+        finalise(ctx, { authenticated: false, version, publicEndpoint })
       } else {
         ctx.throw(err.status || 403, err)
       }

packages/builder/src/pages/builder/_layout.svelte

@@ -16,9 +16,6 @@
 
   // Force creation of an admin user if one doesn't exist
   $: {
-    console.log(`loaded: ${loaded}`)
-    console.log(`tenancy: ${multiTenancyEnabled}`)
-    console.log(`tenant set: ${tenantSet}`)
     if (loaded && multiTenancyEnabled && !tenantSet) {
       $redirect("./auth/org")
     } else if (loaded && !hasAdminUser) {

packages/worker/src/api/index.js

@@ -56,7 +56,7 @@ router
   .use(buildAuthMiddleware(PUBLIC_ENDPOINTS))
   // for now no public access is allowed to worker (bar health check)
   .use((ctx, next) => {
-    if (!ctx.isAuthenticated) {
+    if (!ctx.isAuthenticated && !ctx.publicEndpoint) {
       ctx.throw(403, "Unauthorized - no public worker access")
     }
     return next()