Commit 3ea33b76 authored by Christopher Speller's avatar Christopher Speller Committed by Joram Wilander

Improving token lookup. (#9436)

parent 1463df21
......@@ -213,6 +213,13 @@ func (a *App) authenticateUser(user *model.User, password, mfaToken string) (*mo
func ParseAuthTokenFromRequest(r *http.Request) (string, TokenLocation) {
authHeader := r.Header.Get(model.HEADER_AUTH)
// Attempt to parse the token from the cookie
if cookie, err := r.Cookie(model.SESSION_COOKIE_TOKEN); err == nil {
return cookie.Value, TokenLocationCookie
}
// Parse the token from the header
if len(authHeader) > 6 && strings.ToUpper(authHeader[0:6]) == model.HEADER_BEARER {
// Default session token
return authHeader[7:], TokenLocationHeader
......@@ -221,11 +228,6 @@ func ParseAuthTokenFromRequest(r *http.Request) (string, TokenLocation) {
return authHeader[6:], TokenLocationHeader
}
// Attempt to parse the token from the cookie
if cookie, err := r.Cookie(model.SESSION_COOKIE_TOKEN); err == nil {
return cookie.Value, TokenLocationCookie
}
// Attempt to parse token out of the query string
if token := r.URL.Query().Get("access_token"); token != "" {
return token, TokenLocationQueryString
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment