From 11f93542c3fc2572c4d4a25c82587ae6f50ed4c0 Mon Sep 17 00:00:00 2001 From: hippoz Date: Sat, 27 Mar 2021 07:19:11 +0200 Subject: [PATCH] add _id field for messages and allow authorization header for rest api requests --- brainlet/api/v2/gateway/index.js | 3 ++- brainlet/common/auth/authfunctions.js | 2 +- resources/Docs/DOCS.md | 3 +-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/brainlet/api/v2/gateway/index.js b/brainlet/api/v2/gateway/index.js index 6ad411b..c54b305 100644 --- a/brainlet/api/v2/gateway/index.js +++ b/brainlet/api/v2/gateway/index.js @@ -91,7 +91,8 @@ class GatewayServer extends EventEmitter { author: { _id: ws.session.user._id, username: ws.session.user.username - } + }, + _id: uuid.v4() })); break; diff --git a/brainlet/common/auth/authfunctions.js b/brainlet/common/auth/authfunctions.js index 72e861b..022f80a 100755 --- a/brainlet/common/auth/authfunctions.js +++ b/brainlet/common/auth/authfunctions.js @@ -35,7 +35,7 @@ const checkToken = (token, minPermissionLevel=config.roleMap.RESTRICTED) => { function authenticateEndpoint(callback, url=undefined, minPermissionLevel=config.roleMap.RESTRICTED) { return (req, res) => { - const token = req.cookies.token; + const token = req.headers.authorization || req.cookies.token; if (!token) return redirect(res, 403, url); checkToken(token, minPermissionLevel).then((user) => { if (!user) return redirect(res, 403, url); diff --git a/resources/Docs/DOCS.md b/resources/Docs/DOCS.md index 737cf11..dd06b52 100644 --- a/resources/Docs/DOCS.md +++ b/resources/Docs/DOCS.md @@ -23,8 +23,6 @@ Packets can also have JSON as a payload: ## Instructions -The terms "channel" and "channel" are used interchangeably. - ## 0:HELLO *Part of handshake, Server to client* @@ -177,6 +175,7 @@ JSON data format: | content | The text content of the message (max 2000 characters, min 1 character, trimmed) | | channel | A [message channel object](#message-channel-object) | | author | A [message author object](#message-author-object) | +| _id | A UUIDv4 | ## Message channel object