Skip to content

fix: add @AllowAnonymous to root endpoint alongside @Public and @SkipArcjet#15

Merged
kenneth-loto merged 2 commits into
developfrom
fix/root-endpoint-allow-anonymous
Jul 1, 2026
Merged

fix: add @AllowAnonymous to root endpoint alongside @Public and @SkipArcjet#15
kenneth-loto merged 2 commits into
developfrom
fix/root-endpoint-allow-anonymous

Conversation

@kenneth-loto

Copy link
Copy Markdown
Owner

Summary

Adds @AllowAnonymous() to the root GET / handler so Better Auth's global guard stops blocking the endpoint.

What's Changed

  • Added @AllowAnonymous import from @thallesp/nestjs-better-auth
  • Applied @AllowAnonymous() to getRoot() alongside the existing @Public()
    and @SkipArcjet()

Why

Two independent global guards run on every request. Our AuthGuard reads @Public() and Better Auth's guard reads @AllowAnonymous() — neither recognises the other's decorator. The root endpoint needs all three skip decorators to pass both guards and Arcjet.

…Arcjet

- add @AllowAnonymous from @thallesp/nestjs-better-auth to root get handler
- both @public and @AllowAnonymous are required since two independent global
guards run: our AuthGuard reads @public, better auth's guard reads @AllowAnonymous
@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown

Base branch auto-updated: This PR has been redirected from main to develop. Please ensure feature, fix, or chore branches are integrated into develop before production releases.

@github-actions github-actions Bot changed the base branch from main to develop July 1, 2026 16:21
@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Scanned Files

None

@kenneth-loto kenneth-loto merged commit 97182fa into develop Jul 1, 2026
10 checks passed
@kenneth-loto kenneth-loto deleted the fix/root-endpoint-allow-anonymous branch July 1, 2026 16:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant