From 1ecb60f1b0474ebca5dbf33e4299ee89f586bb23 Mon Sep 17 00:00:00 2001
From: Revant Nandgaonkar <revant.one@gmail.com>
Date: Fri, 17 Nov 2023 14:10:37 +0530
Subject: [PATCH] fix: call auth hooks before validate auth

---
 frappe/app.py  | 4 +++-
 frappe/auth.py | 1 -
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/frappe/app.py b/frappe/app.py
index c036b65e9c..6b8ba0110b 100644
--- a/frappe/app.py
+++ b/frappe/app.py
@@ -22,7 +22,7 @@ import frappe.rate_limiter
 import frappe.recorder
 import frappe.utils.response
 from frappe import _
-from frappe.auth import SAFE_HTTP_METHODS, UNSAFE_HTTP_METHODS, HTTPRequest, validate_auth
+from frappe.auth import SAFE_HTTP_METHODS, UNSAFE_HTTP_METHODS, HTTPRequest, validate_auth, validate_auth_via_hooks
 from frappe.middlewares import StaticDataMiddleware
 from frappe.utils import CallbackManager, cint, get_site_name
 from frappe.utils.data import escape_html
@@ -94,6 +94,8 @@ def application(request: Request):
 
 		init_request(request)
 
+		validate_auth_via_hooks()
+
 		validate_auth()
 
 		if request.method == "OPTIONS":
diff --git a/frappe/auth.py b/frappe/auth.py
index 65e1fe8fac..25621951e0 100644
--- a/frappe/auth.py
+++ b/frappe/auth.py
@@ -571,7 +571,6 @@ def validate_auth():
 	authorization_header = frappe.get_request_header("Authorization", "").split(" ")
 
 	if len(authorization_header) == 2:
-		validate_auth_via_hooks()
 		validate_oauth(authorization_header)
 		validate_auth_via_api_keys(authorization_header)