1
0
Fork 0

Split header by space

main
Jordan Hotmann 2023-11-17 11:56:22 -07:00
parent f46fa6bacd
commit 21b45b4255
No known key found for this signature in database
GPG Key ID: 01B504170C2A2EA3
1 changed files with 5 additions and 8 deletions

View File

@ -99,18 +99,15 @@ func tokenAuthMiddleware(next http.Handler) http.Handler {
return
}
authHeaderParts := strings.Split(r.Header.Get("Authorization"), "")
switch {
case len(authHeaderParts) != 2:
case authHeaderParts[0] != "Bearer":
case authHeaderParts[1] != cfg.HatsToken:
logger.Debug("Checking bearer token")
authHeaderParts := strings.Split(r.Header.Get("Authorization"), " ")
if len(authHeaderParts) != 2 || authHeaderParts[0] != "Bearer" || authHeaderParts[1] != cfg.HatsToken {
logger.Warn("Unauthorized request", "method", r.Method, "path", r.URL.Path, "address", r.RemoteAddr)
http.Error(w, "Bearer authorization header doesn't match configured token", http.StatusUnauthorized)
return
default:
logger.Debug("Token valid")
next.ServeHTTP(w, r)
}
logger.Debug("Token valid")
next.ServeHTTP(w, r)
})
}