From 2cddb5ca86ac99e295cc2dfbb4452fd85559110a Mon Sep 17 00:00:00 2001
From: james-prysm <90280386+james-prysm@users.noreply.github.com>
Date: Thu, 1 Feb 2024 09:13:52 -0600
Subject: [PATCH] fixing jwt auth checks (#13565)
---
 api/constants.go | 6 +++++-
 validator/rpc/intercepter.go | 4 ++--
 2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/api/constants.go b/api/constants.go
index 3266cd934..0b981f18a 100644
--- a/api/constants.go
+++ b/api/constants.go
@@ -1,3 +1,7 @@
 package api

-const WebUrlPrefix = "/v2/validator/"
+const (
+ WebUrlPrefix = "/v2/validator/"
+ WebApiUrlPrefix = "/api/v2/validator/"
+ KeymanagerApiPrefix = "/eth/v1"
+)
diff --git a/validator/rpc/intercepter.go b/validator/rpc/intercepter.go
index 99b2aef0a..11874beb3 100644
--- a/validator/rpc/intercepter.go
+++ b/validator/rpc/intercepter.go
@@ -39,8 +39,8 @@ func (s *Server) JWTInterceptor() grpc.UnaryServerInterceptor {
 func (s *Server) JwtHttpInterceptor(next http.Handler) http.Handler {
 return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 // if it's not initialize or has a web prefix
- if !strings.Contains(r.URL.Path, api.WebUrlPrefix+"initialize") && // ignore some routes
- !strings.Contains(r.URL.Path, api.WebUrlPrefix+"health/logs") {
+ if strings.Contains(r.URL.Path, api.WebApiUrlPrefix) || strings.Contains(r.URL.Path, api.KeymanagerApiPrefix) {
+ // ignore some routes
 reqToken := r.Header.Get("Authorization")
 if reqToken == "" {
 http.Error(w, "unauthorized: no Authorization header passed. Please use an Authorization header with the jwt created in the prysm wallet", http.StatusUnauthorized)
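Review bot: `KeymanagerApiPrefix = "/eth/v1"` is the only one of the three constants without a trailing slash, so any match on it also accepts a longer segment that merely starts with `v1`. In the interceptor in validator/rpc/intercepter.go that errs towards requiring a token, but the inconsistency is easy to trip over if the constant is later reused for route registration or for an exemption. These exported constants now decide which routes are authenticated and none has a doc comment; each could carry one, e.g. `// KeymanagerApiPrefix is the path prefix of the keymanager API; JwtHttpInterceptor requires a JWT for paths that contain it.`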
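Review bot: The new condition makes authentication opt-in by path: only requests whose path contains `api.WebApiUrlPrefix` or `api.KeymanagerApiPrefix` reach the token check, so a handler later registered under any other prefix is served without a JWT and nothing here flags it. A default-deny shape (skip the check only for an explicit list of public routes) would fail closed; if the prefix form stays, anchor it with `strings.HasPrefix(r.URL.Path, api.WebApiUrlPrefix) || strings.HasPrefix(r.URL.Path, api.KeymanagerApiPrefix+"/")`, assuming this handler is mounted at the root and sees the same normalised path the router matches on. Both comments are now stale (`// if it's not initialize or has a web prefix`, `// ignore some routes`); something like `// require a JWT for web API and keymanager routes; all other paths pass through unauthenticated` states the actual policy. The old exemptions for `initialize` and `health/logs` are gone, so if those routes live under `api.WebApiUrlPrefix` they now require a token, which is worth confirming as intended and covering with a test. The function body continues past the end of the hunk.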