From 3e26b93971afaf4d8cb166cbd2428585165d98fe Mon Sep 17 00:00:00 2001
From: Cohee <18619528+Cohee1207@users.noreply.github.com>
Date: Sat, 22 Feb 2025 14:14:40 +0200
Subject: [PATCH] Do not register whitelist middleware if whitelist disabled

---
 server.js                   | 9 +++++++--
 src/middleware/whitelist.js | 7 +++----
 2 files changed, 10 insertions(+), 6 deletions(-)

diff --git a/server.js b/server.js
index 678ec8949..e609c902e 100644
--- a/server.js
+++ b/server.js
@@ -340,9 +340,14 @@ const CORS = cors({
 
 app.use(CORS);
 
-if (listen && basicAuthMode) app.use(basicAuthMiddleware);
+if (listen && basicAuthMode) {
+    app.use(basicAuthMiddleware);
+}
+
+if (enableWhitelist) {
+    app.use(whitelistMiddleware());
+}
 
-app.use(whitelistMiddleware(enableWhitelist));
 if (listen) {
     app.use(accessLoggerMiddleware());
 }
diff --git a/src/middleware/whitelist.js b/src/middleware/whitelist.js
index 730770a3e..4674e6607 100644
--- a/src/middleware/whitelist.js
+++ b/src/middleware/whitelist.js
@@ -47,10 +47,9 @@ function getForwardedIp(req) {
 
 /**
  * Returns a middleware function that checks if the client IP is in the whitelist.
- * @param {boolean} whitelistMode If whitelist mode is enabled via config or command line
  * @returns {import('express').RequestHandler} The middleware function
  */
-export default function whitelistMiddleware(whitelistMode) {
+export default function whitelistMiddleware() {
     const forbiddenWebpage = Handlebars.compile(
         safeReadFileSync('./public/error/forbidden-by-whitelist.html') ?? '',
     );
@@ -65,8 +64,8 @@ export default function whitelistMiddleware(whitelistMode) {
         const userAgent = req.headers['user-agent'];
 
         //clientIp = req.connection.remoteAddress.split(':').pop();
-        if (whitelistMode === true && !whitelist.some(x => ipMatching.matches(clientIp, ipMatching.getMatch(x)))
-            || forwardedIp && whitelistMode === true && !whitelist.some(x => ipMatching.matches(forwardedIp, ipMatching.getMatch(x)))
+        if (!whitelist.some(x => ipMatching.matches(clientIp, ipMatching.getMatch(x)))
+            || forwardedIp && !whitelist.some(x => ipMatching.matches(forwardedIp, ipMatching.getMatch(x)))
         ) {
             // Log the connection attempt with real IP address
             const ipDetails = forwardedIp