doomtube/beeta
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fixes
All checks were successful
Build and Push / build-all (push) Successful in 22s
Details

Browse source
This commit is contained in:
doomtube 2026-01-06 21:32:34 -05:00
parent c20a5e7486
commit fc0385c8d5
3 changed files with 94 additions and 70 deletions
Download patch file Download diff file Expand all files Collapse all files

8
chat-service/src/controllers/ChatWebSocketController.cpp
View file

@ -98,7 +98,7 @@ void ChatWebSocketController::handleNewConnection(const HttpRequestPtr& req,
// Bots must send { type: "auth", apiKey: "..." } message after connecting
// This prevents API keys from being logged in server access logs
{
// Check for token in query params or headers
// Check for token in query params, headers, or httpOnly cookie
auto token = req->getParameter("token");
LOG_DEBUG << "Token from query param: " << (token.empty() ? "(empty)" : "present");
@ -110,6 +110,12 @@ void ChatWebSocketController::handleNewConnection(const HttpRequestPtr& req,
}
}
// Check httpOnly auth_token cookie (browser sends this with WebSocket upgrade request)
if (token.empty()) {
token = req->getCookie("auth_token");
LOG_DEBUG << "Token from auth_token cookie: " << (token.empty() ? "(empty)" : "present");
}
if (!token.empty()) {
LOG_INFO << "Attempting to verify JWT token";
auto& authService = services::AuthService::getInstance();