From 29180bcd8d89df42d69735a74e8801d679e04d0e Mon Sep 17 00:00:00 2001
From: SelfhostedPro <info@selfhosted.pro>
Date: Thu, 18 Feb 2021 18:05:57 -0800
Subject: [PATCH] fixing auth check on websockets

---
 backend/api/routers/apps.py | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/backend/api/routers/apps.py b/backend/api/routers/apps.py
index c34a9096..7eb3629d 100644
--- a/backend/api/routers/apps.py
+++ b/backend/api/routers/apps.py
@@ -83,7 +83,8 @@ def deploy_app(template: schemas.DeployForm, Authorize: AuthJWT = Depends()):
 
 @router.websocket("/{app_name}/livelogs")
 async def logs(websocket: WebSocket, app_name: str, Authorize: AuthJWT = Depends()):
-    if settings.DISABLE_AUTH != True and settings.DISABLE_AUTH != "True":
+    auth_setting = str(settings.DISABLE_AUTH)
+    if auth_setting.lower() == "true":
         try:
             csrf = websocket._cookies["csrf_access_token"]
             Authorize.jwt_required("websocket", websocket=websocket, csrf_token=csrf)
@@ -105,7 +106,8 @@ async def logs(websocket: WebSocket, app_name: str, Authorize: AuthJWT = Depends
 
 @router.websocket("/{app_name}/stats")
 async def stats(websocket: WebSocket, app_name: str, Authorize: AuthJWT = Depends()):
-    if settings.DISABLE_AUTH != True and settings.DISABLE_AUTH != "True":
+    auth_setting = str(settings.DISABLE_AUTH)
+    if auth_setting.lower() == "true":
         try:
             csrf = websocket._cookies["csrf_access_token"]
             Authorize.jwt_required("websocket", websocket=websocket, csrf_token=csrf)
@@ -158,7 +160,8 @@ async def stats(websocket: WebSocket, app_name: str, Authorize: AuthJWT = Depend
 
 @router.websocket("/stats")
 async def dashboard(websocket: WebSocket, Authorize: AuthJWT = Depends()):
-    if settings.DISABLE_AUTH == "True":
+    auth_setting = str(settings.DISABLE_AUTH)
+    if auth_setting.lower() == "true":
         pass
     else:
         try: