From 73ace759202b53230df2216c2049575968ce367e Mon Sep 17 00:00:00 2001
From: Paul Pan <i@0x7f.app>
Date: Sat, 15 Jul 2023 18:28:55 +0800
Subject: [PATCH] feat: allow not to prepend "bearer " in Authorization

---
 internal/web/jwt/middleware.go | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/internal/web/jwt/middleware.go b/internal/web/jwt/middleware.go
index f9f5f1b..4ea2d0b 100644
--- a/internal/web/jwt/middleware.go
+++ b/internal/web/jwt/middleware.go
@@ -10,13 +10,18 @@ import (
 func (s *service) Handler(forced bool) gin.HandlerFunc {
 	return func(c *gin.Context) {
 		claim, status := func() (*model.Claim, e.Status) {
-			const tokenPrefix = "bearer "
 			tokenHeader := c.GetHeader("Authorization")
-			if tokenHeader == "" || !strings.HasPrefix(strings.ToLower(tokenHeader), tokenPrefix) {
+			if tokenHeader == "" {
 				return nil, e.TokenEmpty
 			}
 
-			token := tokenHeader[len(tokenPrefix):]
+			token := tokenHeader
+			const tokenPrefix = "bearer "
+			if strings.HasPrefix(strings.ToLower(tokenHeader), tokenPrefix) {
+				// don't force "bearer" prefix
+				token = tokenHeader[len(tokenPrefix):]
+			}
+
 			claim, status := s.ParseToken(token)
 			if status != e.Success {
 				return nil, status