SoftwareBrothers/adminjs-expressjs

Trailing slash on rootPath not taken into account by authentication

Closed this issue · 0 comments

Hi 👋

First of all, thanks for AdminJS; I am very happy to use it, and it saves us a lot of time in our company.

We did some tests recently about authentication, and it seems that there is a hole in the admin route management.

Here is what we observed:

  • AdminJS is configured with a /admin rootPath
  • We are using the default authentication system, with a custom authenticate handler
  • Being logged out:
    • Accessing /admin prompts the expected login screen
    • Accessing /admin/ shows the dashboard and bypasses the login screen 🚨

We are using AdminJS in a NestJS 8.4.2 context, with AdminJS 5.7.4 and authentication enabled:

```ts
// Options passed to the AdminJS NestJS module (fragment as configured by the reporter)
auth: {
  authenticate: authenticateAdmin,       // custom authenticate handler
  cookieName: adminCookieInfo.name,
  cookiePassword: adminCookieInfo.password,
},
sessionOptions: {
  secret: adminCookieInfo.password,
  store: new PGStore({                   // sessions persisted in Postgres
    pool: pgSessionPool,
    tableName: 'user_session',
  }),
},
adminJsOptions: {
  rootPath: '/admin',                    // the root path this report is about
}
```

After some investigations, it seems that the problem is located in the isAdminRoute function from the src/authentication/protected-routes.handler.ts file when the isAdminRootUrl is set.
At this point, url and adminRootPath are different: url is /admin/ (the URL from my test), and adminRootPath is /admin.
As I do not fully understand the consequences of changing the code in this file, I prefer not to suggest a PR and only to report an issue.

Edit: updating to the latest AdminJS / @adminjs/express (6.2.3 / 5.0.0) does not fix the issue unfortunately.
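The comparison the report describes, as an added example that is not part of the original issue and not AdminJS's own code: `isAdminRouteNaive` is a hypothetical model of a check that compares the root URL by exact string equality and matches everything else against a hypothetical route table (`ADMIN_ROUTE_PATTERNS`), so that `/admin/` falls through both branches; `normalizePath`, `isAdminRouteHardened` and `loginRedirectNeeded` are likewise assumed names that show the normalized comparison a fix would need. None of these reproduce `protected-routes.handler.ts`.

```typescript
// Added example, not AdminJS code. Models the check the issue describes and a
// normalized alternative. All names below are hypothetical.

// Hypothetical stand-in for the AdminJS route table, tested against the part of
// the URL that follows the root path. The dashboard has an empty remainder and is
// deliberately absent, which is why the naive version needs the exact root check.
const ADMIN_ROUTE_PATTERNS: RegExp[] = [
  /^\/resources\/[^/]+(\/.*)?$/,
  /^\/pages\/[^/]+$/,
  /^\/api\/.*$/,
  /^\/login$/,
  /^\/logout$/,
];

// Drop query string and fragment; only the path takes part in the comparison.
function pathOnly(url: string): string {
  return url.split(/[?#]/, 1)[0];
}

// Naive check in the spirit of the report: the root URL must match exactly, and
// anything else must match a known sub-route once the root path is removed.
// "/admin/" matches neither branch: it is not equal to "/admin", and its
// remainder "/" is not a known sub-route.
function isAdminRouteNaive(url: string, adminRootPath: string): boolean {
  const isAdminRootUrl = url === adminRootPath;
  const remainder = url.replace(adminRootPath, "");
  const isSubRoute = ADMIN_ROUTE_PATTERNS.some((re) => re.test(remainder));
  return isAdminRootUrl || isSubRoute;
}

// Collapse repeated slashes and strip one trailing slash (keeping "/" for the
// bare root) so "/admin", "/admin/" and "/admin//" all normalize to "/admin".
function normalizePath(url: string): string {
  const collapsed = pathOnly(url).replace(/\/{2,}/g, "/");
  const trimmed =
    collapsed.length > 1 && collapsed.endsWith("/") ? collapsed.slice(0, -1) : collapsed;
  return trimmed === "" ? "/" : trimmed;
}

// Hardened check: compare normalized paths and treat everything at or below the
// root as an admin route. A path boundary is required after the root, so
// "/administrator" is not mistaken for something under "/admin".
function isAdminRouteHardened(url: string, adminRootPath: string): boolean {
  const path = normalizePath(url);
  const root = normalizePath(adminRootPath);
  if (path === root) {
    return true; // the dashboard, with or without a trailing slash
  }
  const prefix = root === "/" ? "/" : root + "/";
  return path.startsWith(prefix);
}

// The middleware decision the check feeds: redirect to login only when the
// request is recognised as an admin route and there is no admin session.
function loginRedirectNeeded(
  url: string,
  adminRootPath: string,
  loggedIn: boolean,
  isAdminRoute: (url: string, root: string) => boolean,
): boolean {
  return isAdminRoute(url, adminRootPath) && !loggedIn;
}

// Constructed sample requests reproducing the two observations in the report.
for (const url of ["/admin", "/admin/"]) {
  console.log(
    url,
    "naive redirects:", loginRedirectNeeded(url, "/admin", false, isAdminRouteNaive),
    "hardened redirects:", loginRedirectNeeded(url, "/admin", false, isAdminRouteHardened),
  );
}
```

The second console line is the bypass: with the naive comparison the logged-out request for `/admin/` is not redirected, and because Express's default non-strict routing treats `/admin/` like `/admin`, the router behind the middleware still serves the dashboard, which is consistent with what the report observes. Normalizing before comparing, as `isAdminRouteHardened` does, closes that gap for `/admin/`, `/admin//` and `/admin/?x=1` alike.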