MirrorSave
/
budibase
mirror of https://github.com/Budibase/budibase.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Allow bearer token for auth

This commit is contained in:
adrinr 2023-03-09 14:02:55 +01:00
parent e181b5652a
commit f65ded4282
2 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
packages/backend-core/src/constants/misc.ts
View File

@ -23,6 +23,7 @@ export enum Header {
TOKEN = "x-budibase-token",
CSRF_TOKEN = "x-csrf-token",
CORRELATION_ID = "x-budibase-correlation-id",
AUTHORIZATION = "authorization",
}
export enum GlobalRole {

10
packages/backend-core/src/middleware/authenticated.ts
View File

@ -96,9 +96,15 @@ export default function (
}
try {
// check the actual user is authenticated first, try header or cookie
const headerToken = ctx.request.headers[Header.TOKEN]
let headerToken = ctx.request.headers[Header.TOKEN]
const authCookie = getCookie(ctx, Cookie.Auth) || openJwt(headerToken)
const apiKey = ctx.request.headers[Header.API_KEY]
let apiKey = ctx.request.headers[Header.API_KEY]
if (!apiKey && ctx.request.headers[Header.AUTHORIZATION]) {
apiKey = ctx.request.headers[Header.AUTHORIZATION].split(" ")[1]
}
const tenantId = ctx.request.headers[Header.TENANT_ID]
let authenticated = false,
user = null,