From ccb6bbe3e6a0049564662f64da2a07afee2dff98 Mon Sep 17 00:00:00 2001
From: Marco Piovanello <35533749+marcopiovanello@users.noreply.github.com>
Date: Sun, 31 Aug 2025 13:16:36 +0200
Subject: [PATCH 1/2] fixed auth middleware

---
 server/middleware/utils.go | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/server/middleware/utils.go b/server/middleware/utils.go
index 4d6640e..3956ac8 100644
--- a/server/middleware/utils.go
+++ b/server/middleware/utils.go
@@ -11,9 +11,11 @@ func ApplyAuthenticationByConfig(next http.Handler) http.Handler {
 	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		if config.Instance().RequireAuth {
 			Authenticated(next)
+			return
 		}
 		if config.Instance().UseOpenId {
 			openid.Middleware(next)
+			return
 		}
 		next.ServeHTTP(w, r)
 	})

From 8c064858805be78b00ef80bc9a6a781223c9d45a Mon Sep 17 00:00:00 2001
From: Marco Piovanello <35533749+marcopiovanello@users.noreply.github.com>
Date: Mon, 1 Sep 2025 18:31:01 +0200
Subject: [PATCH 2/2] fixed authentication middleware

---
 server/middleware/utils.go | 23 +++++++++++------------
 1 file changed, 11 insertions(+), 12 deletions(-)

diff --git a/server/middleware/utils.go b/server/middleware/utils.go
index 3956ac8..eec5be7 100644
--- a/server/middleware/utils.go
+++ b/server/middleware/utils.go
@@ -8,15 +8,14 @@ import (
 )
 
 func ApplyAuthenticationByConfig(next http.Handler) http.Handler {
-	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		if config.Instance().RequireAuth {
-			Authenticated(next)
-			return
-		}
-		if config.Instance().UseOpenId {
-			openid.Middleware(next)
-			return
-		}
-		next.ServeHTTP(w, r)
-	})
-}
+    handler := next
+
+    if config.Instance().RequireAuth {
+        handler = Authenticated(handler)
+    }
+    if config.Instance().UseOpenId {
+        handler = openid.Middleware(handler)
+    }
+
+    return handler
+}
\ No newline at end of file