From 84d5e0a85d561f915229967e1488bb827bd9012a Mon Sep 17 00:00:00 2001
From: "christian.julian" <zs22016079@estudiantes.uv.mx>
Date: Sun, 15 Jun 2025 16:29:50 -0600
Subject: [PATCH] fix

---
 api_candidatos/api/index.php | 15 ++++++++-------
 1 file changed, 8 insertions(+), 7 deletions(-)

diff --git a/api_candidatos/api/index.php b/api_candidatos/api/index.php
index 62b6de7..6c170bd 100644
--- a/api_candidatos/api/index.php
+++ b/api_candidatos/api/index.php
@@ -41,13 +41,14 @@ switch (true) {
         break;
         
     case preg_match('#^/candidatos#', $normalizedPath):
-    // Temporalmente comentar la validación para probar
-    // require_once __DIR__ . '/../src/OAuth/Middleware/AuthMiddleware.php';
-    // if (\OAuth\Middleware\AuthMiddleware::verifyToken()) {
-        require_once __DIR__ . '/../src/candidatos/index.php';
-    // }
-    break;
-
+        // Verificar token de OAuth 2.0 antes de acceder a rutas protegidas
+        require_once __DIR__ . '/../src/OAuth/Middleware/AuthMiddleware.php';
+        
+        // Solo continuamos si el token es válido
+        if (\OAuth\Middleware\AuthMiddleware::verifyToken()) {
+            require_once __DIR__ . '/../src/candidatos/index.php';
+        }
+        break;
 
     default:
         http_response_code(404);