summaryrefslogtreecommitdiffstats
path: root/app/authentication.go
diff options
context:
space:
mode:
Diffstat (limited to 'app/authentication.go')
-rw-r--r--app/authentication.go12
1 files changed, 7 insertions, 5 deletions
diff --git a/app/authentication.go b/app/authentication.go
index 087a9b230..83552639e 100644
--- a/app/authentication.go
+++ b/app/authentication.go
@@ -213,6 +213,13 @@ func (a *App) authenticateUser(user *model.User, password, mfaToken string) (*mo
func ParseAuthTokenFromRequest(r *http.Request) (string, TokenLocation) {
authHeader := r.Header.Get(model.HEADER_AUTH)
+
+ // Attempt to parse the token from the cookie
+ if cookie, err := r.Cookie(model.SESSION_COOKIE_TOKEN); err == nil {
+ return cookie.Value, TokenLocationCookie
+ }
+
+ // Parse the token from the header
if len(authHeader) > 6 && strings.ToUpper(authHeader[0:6]) == model.HEADER_BEARER {
// Default session token
return authHeader[7:], TokenLocationHeader
@@ -221,11 +228,6 @@ func ParseAuthTokenFromRequest(r *http.Request) (string, TokenLocation) {
return authHeader[6:], TokenLocationHeader
}
- // Attempt to parse the token from the cookie
- if cookie, err := r.Cookie(model.SESSION_COOKIE_TOKEN); err == nil {
- return cookie.Value, TokenLocationCookie
- }
-
// Attempt to parse token out of the query string
if token := r.URL.Query().Get("access_token"); token != "" {
return token, TokenLocationQueryString
generated by cgit v1.2.3-1-g7c22 (git 2.25.1) at 2024-05-19 18:55:00 +0000