Skip to content

Commit

Permalink
[fix] Neo api guard
Browse files Browse the repository at this point in the history
  • Loading branch information
@trheyi
trheyi committed May 13, 2023
1 parent 1d102f1 commit 5fbf84b
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 15 deletions.
2 changes: 1 addition & 1 deletion neo/neo.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -382,7 +382,7 @@ func (neo *DSL) setGuard(router *gin.Engine) error {

if neo.Guard == "" {
router.Use(func(c *gin.Context) {
token := c.Query("token")
token := strings.TrimSpace(strings.TrimPrefix(c.Query("token"), "Bearer "))
if token == "" {
c.JSON(403, gin.H{"message": "token is required", "code": 403})
c.Abort()
Expand Down
16 changes: 2 additions & 14 deletions studio/middleware.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,20 +65,8 @@ func hdAuth(c *gin.Context) {
tokenString := c.Request.Header.Get("Authorization")

// Get token from query
if tokenString == "" {

// Temporary solution (will be removed in the future)
tokenString = strings.TrimSpace(strings.TrimPrefix(c.Query("token"), "Bearer "))
if tokenString == "" {
c.JSON(403, gin.H{"code": 403, "message": "No permission"})
c.Abort()
return
}

claims := helper.JwtValidate(tokenString, []byte(config.Conf.JWTSecret))
c.Set("__sid", claims.SID)
c.Next()
return
if c.Query("studio") != "" {
tokenString = c.Query("studio")
}

if strings.HasPrefix(tokenString, "Bearer") {
Expand Down

0 comments on commit 5fbf84b

Please sign in to comment.