fix: allow custom app endpoints

2026-01-19 18:56:39 +05:30
parent 535bb60d69
commit 9425f2aa0e
1 changed files with 11 additions and 0 deletions
--- a/lms/auth.py
+++ b/lms/auth.py
@@ -64,6 +64,9 @@ def authenticate():
 	if is_server_script_path(path):
 		return

+	if is_custom_app_endpoint(path):
+		return
+
 	if path in ALLOWED_PATHS:
 		return
 	frappe.throw(f"Access not allowed for this URL: {path}", frappe.PermissionError)
@@ -74,3 +77,11 @@ def is_server_script_path(path):
 	if frappe.db.exists("Server Script", {"script_type": "API", "api_method": endpoint, "disabled": 0}):
 		return True
 	return False
+
+
+def is_custom_app_endpoint(path):
+	allowed_custom_endpoints = frappe.conf.get("allowed_custom_endpoints", [])
+	for endpoint in allowed_custom_endpoints:
+		if endpoint in path:
+			return True
+	return False