- Add support for "Authorization" header with "Bearer" token fallback in TokenAuthenticationFilter. (#8)

2026-01-10 09:57:57 -05:00 · 2025-05-30 14:15:13 +02:00
parent baac09981b
commit 9281dee297
1 changed files with 6 additions and 0 deletions
--- a/src/main/java/com/dedicatedcode/reitti/config/TokenAuthenticationFilter.java
+++ b/src/main/java/com/dedicatedcode/reitti/config/TokenAuthenticationFilter.java
@@ -28,6 +28,12 @@ public class TokenAuthenticationFilter extends OncePerRequestFilter {
    @Override
    protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
        String authHeader = request.getHeader("X-API-Token");
+        if (authHeader == null) {
+            authHeader = request.getHeader("Authorization");
+            if (authHeader != null && authHeader.startsWith("Bearer ")) {
+                authHeader = authHeader.substring(7);
+            }
+        }

        if(authHeader != null) {
            Optional<User> user = apiTokenService.getUserByToken(authHeader);