0ct0pu5/siyuan
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

🎨 Improve API Token authentication https://github.com/siyuan-note/siyuan/issues/10792

Browse source
This commit is contained in:
Daniel 2024-03-29 17:09:13 +08:00
parent 7d2d76c57c
commit c0a10ab98c
No known key found for this signature in database
GPG key ID: 86211BA83DF03017
1 changed files with 11 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
kernel/model/session.go
View file

@ -235,8 +235,18 @@ func CheckAuth(c *gin.Context) {
// 通过 API token (header: Authorization)
if authHeader := c.GetHeader("Authorization"); "" != authHeader {
var token string
if strings.HasPrefix(authHeader, "Token ") {
token := strings.TrimPrefix(authHeader, "Token ")
token = strings.TrimPrefix(authHeader, "Token ")
} else if strings.HasPrefix(authHeader, "token ") {
token = strings.TrimPrefix(authHeader, "token ")
} else if strings.HasPrefix(authHeader, "Bearer ") {
token = strings.TrimPrefix(authHeader, "Bearer ")
} else if strings.HasPrefix(authHeader, "bearer ") {
token = strings.TrimPrefix(authHeader, "bearer ")
}
if "" != token {
if Conf.Api.Token == token {
c.Next()
return