MCPcopy Index your code
hub / github.com/writefreely/writefreely / optionalAPIAuth

Function optionalAPIAuth

handle.go:268–280  ·  view source on GitHub ↗

optionalAPIAuth is used for endpoints that accept authenticated requests via Authorization header or cookie, unlike apiAuth. It returns a different err in the case where no Authorization header is present.

(app *App, r *http.Request)

Source from the content-addressed store, hash-verified

266// Authorization header or cookie, unlike apiAuth. It returns a different err
267// in the case where no Authorization header is present.
268func optionalAPIAuth(app *App, r *http.Request) (*User, error) {
269 // Authorize user from Authorization header
270 t := r.Header.Get("Authorization")
271 if t == "" {
272 return nil, ErrNotLoggedIn
273 }
274 u := &User{ID: app.db.GetUserID(t)}
275 if u.ID == -1 {
276 return nil, ErrBadAccessToken
277 }
278
279 return u, nil
280}
281
282func webAuth(app *App, r *http.Request) (*User, error) {
283 u := getUserSession(app, r)

Callers 2

AllReaderMethod · 0.85
LogHandlerFuncMethod · 0.85

Calls 1

GetUserIDMethod · 0.65

Tested by

no test coverage detected