From 4b8acd7dbf5f2dcd8ed400679cfca37b0d785db7 Mon Sep 17 00:00:00 2001
From: Rafal Dziegielewski <rafal.dzieg@gmail.com>
Date: Tue, 20 Sep 2022 13:05:48 +0200
Subject: [PATCH] fix: allow access to metadata before authentication

---
 src/Plugin.ts | 29 ++++++++++++++++++++++-------
 1 file changed, 22 insertions(+), 7 deletions(-)

diff --git a/src/Plugin.ts b/src/Plugin.ts
index 52406d5..5a221b6 100644
--- a/src/Plugin.ts
+++ b/src/Plugin.ts
@@ -125,23 +125,38 @@ export class Plugin extends BasePlugin<PluginOptions> {
     this.protectRoutes()
   }
 
+  private buildMetadataRoute(routes: AdminRoute[]) {
+    const route = routes.find((r) => r.action === 'metadata')
+    if (route) {
+      const expressPath = convertToExpressPath(route.path)
+      const handler = this.getRouteHandler(route)
+
+      if (route.method === 'GET') {
+        this.router.get(expressPath, handler)
+      }
+    }
+  }
+
   public buildRoutes(): void {
     const { routes } = AdminRouter
 
     this.router.use(formidableMiddleware(this.options.formidableOptions ?? {}))
 
+    this.buildMetadataRoute(routes)
     this.buildAuthenticationRoutes()
 
     routes.forEach((route) => {
-      const expressPath = convertToExpressPath(route.path)
-      const handler = this.getRouteHandler(route)
+      if (route.action !== 'metadata') {
+        const expressPath = convertToExpressPath(route.path)
+        const handler = this.getRouteHandler(route)
 
-      if (route.method === 'GET') {
-        this.router.get(expressPath, handler)
-      }
+        if (route.method === 'GET') {
+          this.router.get(expressPath, handler)
+        }
 
-      if (route.method === 'POST') {
-        this.router.post(expressPath, handler)
+        if (route.method === 'POST') {
+          this.router.post(expressPath, handler)
+        }
       }
     })
   }