From c43e100b4d96cda7fb17852e0f964933d754404c Mon Sep 17 00:00:00 2001
From: jorgtho <jorgen.thorsnes@gmail.com>
Date: Wed, 7 Sep 2022 14:17:05 +0200
Subject: [PATCH] added auth for DEMO mode, because it is smart for security

---
 lib/with-token-auth.js | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/lib/with-token-auth.js b/lib/with-token-auth.js
index f0ad830..3213981 100644
--- a/lib/with-token-auth.js
+++ b/lib/with-token-auth.js
@@ -6,11 +6,6 @@ const HTTPError = require('./http-error')
 module.exports = async (context, request, next) => {
   logConfig({ azure: { context } })
 
-  if (DEMO) {
-    request.token = { upn: DEMO_USER, DEMO }
-    return next(context, request)
-  }
-
   const bearerToken = request.headers.authorization
   if (!bearerToken) {
     logger('warn', ['with-token-auth', request.url, 'no-authorization-header'])
@@ -22,6 +17,10 @@ module.exports = async (context, request, next) => {
     const validatedToken = await verify(token, TOKEN_AUTH)
     request.token = validatedToken
 
+    if (DEMO) {
+      request.token = { upn: DEMO_USER, DEMO }
+    }
+
     return next(context, request)
   } catch (error) {
     logger('warn', ['with-token-auth', request.url, 'invalid-token', error])