From 8deca40049931d09bbb4343f5424c16d6c41ce68 Mon Sep 17 00:00:00 2001
From: Jonathan Barrow <jonbarrow1998@gmail.com>
Date: Fri, 9 Aug 2024 18:47:34 -0400
Subject: [PATCH] fix: make NNAS middleware only allow Basic tokens on
 "devices" endpoints

---
 src/middleware/pnid.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/middleware/pnid.ts b/src/middleware/pnid.ts
index 2381bc3..4bc769c 100644
--- a/src/middleware/pnid.ts
+++ b/src/middleware/pnid.ts
@@ -20,7 +20,7 @@ async function PNIDMiddleware(request: express.Request, response: express.Respon
 		token = Buffer.from(token, 'hex').toString('base64');
 	}
 
-	if (type === 'Basic') {
+	if (type === 'Basic' && request.path.includes('v1/api/people/@me/devices')) {
 		pnid = await getPNIDByBasicAuth(token);
 	} else if (type === 'Bearer') {
 		// TODO - This "accepted types list" is mostly a hack. Change this