From b6f3cd7c1f71a5928698dab6d426a969512c6a6a Mon Sep 17 00:00:00 2001
From: Harvey Tindall
Date: Thu, 12 Nov 2020 21:25:52 +0000
Subject: [PATCH] dont re-b64 the jwt pointless, and messed up swagger auth.
---
 auth.go | 5 ++---
 ts/modules/common.ts | 6 +++---
 2 files changed, 5 insertions(+), 6 deletions(-)
diff --git a/auth.go b/auth.go
index 0fbe841..fc927c4 100644
--- a/auth.go
+++ b/auth.go
@@ -51,8 +51,7 @@ func (app *appContext) authenticate(gc *gin.Context) {
 respond(401, "Unauthorized", gc)
 return
 }
- creds, _ := base64.StdEncoding.DecodeString(header[1])
- token, err := jwt.Parse(string(creds), checkToken)
+ token, err := jwt.Parse(string(header[1]), checkToken)
 if err != nil {
 app.debug.Printf("Auth denied: %s", err)
 respond(401, "Unauthorized", gc)
@@ -103,7 +102,7 @@ type getTokenDTO struct {
 }

 // @Summary Grabs an API token using username & password.
-// @description Click the lock icon next to this, login with your normal jfa-go credentials. Click 'try it out', then 'execute' and an API Key will be returned, copy it (not including quotes). On any of the other routes, click the lock icon and set the API key as "Bearer ".
+// @description Click the lock icon next to this, login with your normal jfa-go credentials. Click 'try it out', then 'execute' and an API Key will be returned, copy it (not including quotes). On any of the other routes, click the lock icon and set the API key as "Bearer `your api key`".
 // @Produce json
 // @Success 200 {object} getTokenDTO
 // @Failure 401 {object} stringResponse
diff --git a/ts/modules/common.ts b/ts/modules/common.ts
index 12eb1c4..209cb19 100644
--- a/ts/modules/common.ts
+++ b/ts/modules/common.ts
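Review bot: `string(header[1])` in the added line of the first auth.go hunk is a leftover conversion: the removed code passed `header[1]` straight to `DecodeString`, so it is already a string and the call can read `token, err := jwt.Parse(header[1], checkToken)`. With the decode step gone, the raw header value goes directly to the parser, so acceptance rests entirely on `checkToken`, which is outside this hunk; it is worth confirming there that the keyfunc rejects any signing method other than the one the server issues. Clients that still base64-wrap the token will now land on the 401 path below, which looks intended given the commit message but deserves a line in the API docs or changelog. The body of `authenticate` starts and ends outside the hunk.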
@@ -48,7 +48,7 @@ export const _get = (url: string, data: Object, onreadystatechange: () => void):
 let req = new XMLHttpRequest();
 req.open("GET", url, true);
 req.responseType = 'json';
- req.setRequestHeader("Authorization", "Bearer " + btoa(window.token));
+ req.setRequestHeader("Authorization", "Bearer " + window.token);
 req.setRequestHeader('Content-Type', 'application/json; charset=UTF-8');
 req.onreadystatechange = onreadystatechange;
 req.send(JSON.stringify(data));
@@ -60,7 +60,7 @@ export const _post = (url: string, data: Object, onreadystatechange: () => void,
 if (response) {
 req.responseType = 'json';
 }
- req.setRequestHeader("Authorization", "Bearer " + btoa(window.token));
+ req.setRequestHeader("Authorization", "Bearer " + window.token);
 req.setRequestHeader('Content-Type', 'application/json; charset=UTF-8');
 req.onreadystatechange = onreadystatechange;
 req.send(JSON.stringify(data));
@@ -69,7 +69,7 @@ export const _post = (url: string, data: Object, onreadystatechange: () => void,
 export function _delete(url: string, data: Object, onreadystatechange: () => void): void {
 let req = new XMLHttpRequest();
 req.open("DELETE", url, true);
- req.setRequestHeader("Authorization", "Bearer " + btoa(window.token));
+ req.setRequestHeader("Authorization", "Bearer " + window.token);
 req.setRequestHeader('Content-Type', 'application/json; charset=UTF-8');
 req.onreadystatechange = onreadystatechange;
 req.send(JSON.stringify(data));
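Review bot: The `Authorization` line is repeated verbatim in `_get`, `_post` and `_delete` (all three hunks of this file), which is why the wire-format fix had to touch three places; a single helper such as `const authHeader = (): string => "Bearer " + window.token;` used as `req.setRequestHeader("Authorization", authHeader());` would keep the format in one spot. That helper is also the natural place to stop the request if `window.token` is ever unset, since the concatenation would otherwise send the literal `Bearer undefined`. The token is read from a `window` global, so any script running in the page can read it; how it is stored is not visible in this diff, so treat that as something to check rather than a finding. The bodies of all three functions extend beyond their hunks.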