chore: update access token order

2 years ago · 745902e8b1
parent ad3487a9ac
commit 745902e8b1
2 changed files with 9 additions and 8 deletions
--- a/api/v1/jwt.go
+++ b/api/v1/jwt.go
@ -36,15 +36,15 @@ func extractTokenFromHeader(c echo.Context) (string, error) {
 }

 func findAccessToken(c echo.Context) string {
-	accessToken := ""
-	cookie, _ := c.Cookie(auth.AccessTokenCookieName)
-	if cookie != nil {
-		accessToken = cookie.Value
-	}
+	// Check the HTTP request header first.
+	accessToken, _ := extractTokenFromHeader(c)
 	if accessToken == "" {
-		accessToken, _ = extractTokenFromHeader(c)
+		// Check the cookie.
+		cookie, _ := c.Cookie(auth.AccessTokenCookieName)
+		if cookie != nil {
+			accessToken = cookie.Value
+		}
 	}
-
 	return accessToken
 }

--- a/api/v2/acl.go
+++ b/api/v2/acl.go
@ -127,6 +127,7 @@ func (in *GRPCAuthInterceptor) authenticate(ctx context.Context, accessToken str
 }

 func getTokenFromMetadata(md metadata.MD) (string, error) {
+	// Check the HTTP request header first.
 	authorizationHeaders := md.Get("Authorization")
 	if len(md.Get("Authorization")) > 0 {
 		authHeaderParts := strings.Fields(authorizationHeaders[0])
@ -135,7 +136,7 @@ func getTokenFromMetadata(md metadata.MD) (string, error) {
 		}
 		return authHeaderParts[1], nil
 	}
-	// check the HTTP cookie
+	// Check the cookie header.
 	var accessToken string
 	for _, t := range append(md.Get("grpcgateway-cookie"), md.Get("cookie")...) {
 		header := http.Header{}