From 408caea75044e4819b4fb3182e112356932f2301 Mon Sep 17 00:00:00 2001
From: Gabriel Luiz Freitas Almeida <gabriel@logspace.ai>
Date: Tue, 29 Aug 2023 10:40:09 -0300
Subject: [PATCH] =?UTF-8?q?=F0=9F=94=92=20chore(api.tsx):=20refactor=20req?=
 =?UTF-8?q?uest=20interceptor=20logic=20to=20improve=20readability=20and?=
 =?UTF-8?q?=20maintainability?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/frontend/src/controllers/API/api.tsx | 44 +++++++++++++++---------
 1 file changed, 28 insertions(+), 16 deletions(-)

diff --git a/src/frontend/src/controllers/API/api.tsx b/src/frontend/src/controllers/API/api.tsx
index d1a8ffa2c..59fba4393 100644
--- a/src/frontend/src/controllers/API/api.tsx
+++ b/src/frontend/src/controllers/API/api.tsx
@@ -63,28 +63,40 @@ function ApiInterceptor() {
       }
     );
 
+    const isAuthorizedURL = (url) => {
+      const authorizedDomains = [
+        "https://raw.githubusercontent.com/logspace-ai/langflow_examples/main/examples",
+        "https://api.github.com/repos/logspace-ai/langflow_examples/contents/examples",
+        "https://api.github.com/repos/logspace-ai/langflow",
+        "auto_login",
+      ];
+
+      const authorizedEndpoints = ["auto_login"];
+
+      try {
+        const parsedURL = new URL(url);
+
+        const isDomainAllowed = authorizedDomains.some(
+          (domain) => parsedURL.origin === new URL(domain).origin
+        );
+        const isEndpointAllowed = authorizedEndpoints.some((endpoint) =>
+          parsedURL.pathname.includes(endpoint)
+        );
+
+        return isDomainAllowed || isEndpointAllowed;
+      } catch (e) {
+        // Invalid URL
+        return false;
+      }
+    };
+
     // Request interceptor to add access token to every request
     const requestInterceptor = api.interceptors.request.use(
       (config) => {
-        if (accessToken) {
+        if (accessToken && !isAuthorizedURL(config?.url)) {
           config.headers["Authorization"] = `Bearer ${accessToken}`;
         }
 
-        if (
-          config?.url?.includes(
-            "https://raw.githubusercontent.com/logspace-ai/langflow_examples/main/examples"
-          ) ||
-          config?.url?.includes(
-            "https://api.github.com/repos/logspace-ai/langflow_examples/contents/examples"
-          ) ||
-          config?.url?.includes(
-            "https://api.github.com/repos/logspace-ai/langflow"
-          ) ||
-          config?.url?.includes("auto_login")
-        ) {
-          delete config.headers["Authorization"];
-        }
-
         return config;
       },
       (error) => {