Allow authentication through bearer token

2022-03-20 09:57:10 +00:00 · 2022-03-20 09:57:10 +00:00 · 703e6d076b
parent 1817efe608
commit 703e6d076b
1 changed files with 8 additions and 3 deletions
--- a/src/handlers/auth_handler.cr
+++ b/src/handlers/auth_handler.cr
@ -6,6 +6,7 @@ class AuthHandler < Kemal::Handler
  # Some of the code is copied form kemalcr/kemal-basic-auth on GitHub

  BASIC        = "Basic"
+  BEARER       = "Bearer"
  AUTH         = "Authorization"
  AUTH_MESSAGE = "Could not verify your access level for that URL.\n" \
                 "You have to login with proper credentials"
@ -35,13 +36,17 @@ class AuthHandler < Kemal::Handler
  def validate_auth_header(env)
    if env.request.headers[AUTH]?
      if value = env.request.headers[AUTH]
-        if value.size > 0 && value.starts_with?(BASIC)
+        if value.starts_with? BASIC
          token = verify_user value
          return false if token.nil?

          env.session.string "token", token
          return true
        end
+        if value.starts_with? BEARER
+          token = value.split(" ")[1]
+          return Storage.default.verify_token token
+        end
      end
    end
    false
@ -62,8 +67,8 @@ class AuthHandler < Kemal::Handler
    end

    # Check user is logged in
-    if validate_token env
-      # Skip if the request has a valid token
+    if validate_token(env) || validate_auth_header(env)
+      # Skip if the request has a valid token (either from cookies or header)
    elsif Config.current.disable_login
      # Check default username if login is disabled
      unless Storage.default.username_exists Config.current.default_username