diff --git a/provisioning.go b/provisioning.go index 5b19ae6..c0048a7 100644 --- a/provisioning.go +++ b/provisioning.go @@ -53,7 +53,18 @@ func (prov *ProvisioningAPI) Init() { func (prov *ProvisioningAPI) AuthMiddleware(h http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { auth := r.Header.Get("Authorization") - auth = auth[len("Bearer "):] + if len(auth) == 0 && strings.HasSuffix(r.URL.Path, "/login") { + authParts := strings.Split(r.Header.Get("Sec-WebSocket-Protocol"), ",") + for _, part := range authParts { + part = strings.TrimSpace(part) + if strings.HasPrefix(part, "net.maunium.whatsapp.auth-") { + auth = part[len("net.maunium.whatsapp.auth-"):] + break + } + } + } else if strings.HasPrefix(auth, "Bearer ") { + auth = auth[len("Bearer "):] + } if auth != prov.bridge.Config.AppService.Provisioning.SharedSecret { jsonResponse(w, http.StatusForbidden, map[string]interface{}{ "error": "Invalid auth token", @@ -320,7 +331,12 @@ func (prov *ProvisioningAPI) Logout(w http.ResponseWriter, r *http.Request) { jsonResponse(w, http.StatusOK, Response{true, "Logged out successfully."}) } -var upgrader = websocket.Upgrader{} +var upgrader = websocket.Upgrader{ + CheckOrigin: func(r *http.Request) bool { + return true + }, + Subprotocols: []string{"net.maunium.whatsapp.login"}, +} func (prov *ProvisioningAPI) Login(w http.ResponseWriter, r *http.Request) { userID := r.URL.Query().Get("user_id")