From c99d24b5fe224f4813663373ed4d777277c594ff Mon Sep 17 00:00:00 2001
From: David Barroso <dbarrosop@dravetech.com>
Date: Sat, 3 Feb 2024 15:51:22 +0100
Subject: [PATCH] asd

---
 src/middleware/auth.ts | 15 +++++----------
 1 file changed, 5 insertions(+), 10 deletions(-)

diff --git a/src/middleware/auth.ts b/src/middleware/auth.ts
index 381b6b103..707666b49 100644
--- a/src/middleware/auth.ts
+++ b/src/middleware/auth.ts
@@ -30,9 +30,11 @@ export const authenticationGate = (
       return sendError(res, 'unauthenticated-user');
     }
 
-    const auth = req.auth as RequestAuth;
-    if (await failsElevatedCheck(auth, bypassIfNoKeys)) {
+    if (checkElevatedPermissions) {
+      const auth = req.auth as RequestAuth;
+      if (await failsElevatedCheck(auth, bypassIfNoKeys)) {
         return sendError(res, 'elevated-claim-required');
+      }
     }
 
     return next();
@@ -40,14 +42,7 @@ export const authenticationGate = (
 }
 
 export const failsElevatedCheck = async (auth: RequestAuth, bypassIfNoKeys = false) => {
-  if (!checkElevatedPermissions ||
-    ENV.AUTH_REQUIRE_ELEVATED_CLAIM === 'disabled' ||
-    !ENV.AUTH_WEBAUTHN_ENABLED
-  ) {
-    return false;
-  }
-
-  if (auth.elevated) {
+  if (ENV.AUTH_REQUIRE_ELEVATED_CLAIM === 'disabled' || !ENV.AUTH_WEBAUTHN_ENABLED || auth.elevated) {
     return false;
   }