author | Christopher Speller <crspeller@gmail.com> | 2018-09-20 07:23:44 -0700 |
---|---|---|
committer | Joram Wilander <jwawilander@gmail.com> | 2018-09-20 10:23:44 -0400 |
commit | 3ea33b76f802b943a942070845d410a985f4235f (patch) | |
tree | ba1d2e403d0b2f2c550aedd1c5a143324fbf1667 | |
parent | 1463df21a57290f8c74fe4ad58deffb111b9f79e (diff) | |
Improving token lookup. (#9436)
-rw-r--r-- | app/authentication.go | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/app/authentication.go b/app/authentication.go
index 087a9b230..83552639e 100644
--- a/app/authentication.go
+++ b/app/authentication.go
@@ -213,6 +213,13 @@ func (a *App) authenticateUser(user *model.User, password, mfaToken string) (*mo
 
 func ParseAuthTokenFromRequest(r *http.Request) (string, TokenLocation) {
 authHeader := r.Header.Get(model.HEADER_AUTH)
+
+ // Attempt to parse the token from the cookie
+ if cookie, err := r.Cookie(model.SESSION_COOKIE_TOKEN); err == nil {
+ return cookie.Value, TokenLocationCookie
+ }
+
+ // Parse the token from the header
 if len(authHeader) > 6 && strings.ToUpper(authHeader[0:6]) == model.HEADER_BEARER {
 // Default session token
 return authHeader[7:], TokenLocationHeader
@@ -221,11 +228,6 @@ func ParseAuthTokenFromRequest(r *http.Request) (string, TokenLocation) {
 return authHeader[6:], TokenLocationHeader
 }
 
- // Attempt to parse the token from the cookie
- if cookie, err := r.Cookie(model.SESSION_COOKIE_TOKEN); err == nil {
- return cookie.Value, TokenLocationCookie
- }
-
 // Attempt to parse token out of the query string
 if token := r.URL.Query().Get("access_token"); token != "" {
 return token, TokenLocationQueryString |
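Review bot: The cookie branch added at the top of ParseAuthTokenFromRequest returns on `err == nil` alone, and `r.Cookie` reports no error for a cookie that is present with an empty value, so such a request now yields `""` with TokenLocationCookie and never reaches the Authorization header or `access_token` branches. Before this change the same cookie could only shadow the query string; guarding with `if cookie, err := r.Cookie(model.SESSION_COOKIE_TOKEN); err == nil && cookie.Value != "" {` keeps the fallbacks reachable. A stale but non-empty cookie will still take precedence over a valid header token, and callers presumably key CSRF handling on the returned TokenLocation, so the new ordering deserves a comment such as `// Cookie wins over the Authorization header when both are present: <reason>` and a test that sends both credentials. `authHeader` is now read before a path that never uses it and could move below the cookie block. The function body starts and ends outside these hunks, so the remaining header handling was not reviewed.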