From 11f93542c3fc2572c4d4a25c82587ae6f50ed4c0 Mon Sep 17 00:00:00 2001
From: hippoz <paperplanelive@gmail.com>
Date: Sat, 27 Mar 2021 07:19:11 +0200
Subject: [PATCH] add _id field for messages and allow authorization header for
 rest api requests

---
 brainlet/api/v2/gateway/index.js      | 3 ++-
 brainlet/common/auth/authfunctions.js | 2 +-
 resources/Docs/DOCS.md                | 3 +--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/brainlet/api/v2/gateway/index.js b/brainlet/api/v2/gateway/index.js
index 6ad411b..c54b305 100644
--- a/brainlet/api/v2/gateway/index.js
+++ b/brainlet/api/v2/gateway/index.js
@@ -91,7 +91,8 @@ class GatewayServer extends EventEmitter {
                             author: {
                                 _id: ws.session.user._id,
                                 username: ws.session.user.username
-                            }
+                            },
+                            _id: uuid.v4()
                         }));
 
                         break;
diff --git a/brainlet/common/auth/authfunctions.js b/brainlet/common/auth/authfunctions.js
index 72e861b..022f80a 100755
--- a/brainlet/common/auth/authfunctions.js
+++ b/brainlet/common/auth/authfunctions.js
@@ -35,7 +35,7 @@ const checkToken = (token, minPermissionLevel=config.roleMap.RESTRICTED) => {
 
 function authenticateEndpoint(callback, url=undefined, minPermissionLevel=config.roleMap.RESTRICTED) {
     return (req, res) => {
-        const token = req.cookies.token;
+        const token = req.headers.authorization || req.cookies.token;
         if (!token) return redirect(res, 403, url);
         checkToken(token, minPermissionLevel).then((user) => {
             if (!user) return redirect(res, 403, url);
diff --git a/resources/Docs/DOCS.md b/resources/Docs/DOCS.md
index 737cf11..dd06b52 100644
--- a/resources/Docs/DOCS.md
+++ b/resources/Docs/DOCS.md
@@ -23,8 +23,6 @@ Packets can also have JSON as a payload:
 
 ## Instructions
 
-The terms "channel" and "channel" are used interchangeably.
-
 ## 0:HELLO
 *Part of handshake, Server to client*
 
@@ -177,6 +175,7 @@ JSON data format:
 | content | The text content of the message (max 2000 characters, min 1 character, trimmed) |
 | channel | A [message channel object](#message-channel-object) |
 | author | A [message author object](#message-author-object) |
+| _id | A UUIDv4 |
 
 ## Message channel object