using custom header for sync authorization to avoid tripping security proxies

2025-11-02 03:16:11 +01:00 · 2021-02-05 21:59:56 +01:00
parent fb3d5f25ac
commit 70708b36ef
3 changed files with 7 additions and 7 deletions
--- a/src/services/auth.js
+++ b/src/services/auth.js
@@ -77,8 +77,8 @@ function reject(req, res, message) {
    res.status(401).send(message);
 }

-function checkBasicAuth(req, res, next) {
-    const header = req.headers.authorization || '';
+function checkCredentials(req, res, next) {
+    const header = req.headers['trilium-cred'] || '';
    const token = header.split(/\s+/).pop() || '';
    const auth = new Buffer.from(token, 'base64').toString();
    const [username, password] = auth.split(/:/);
@@ -100,5 +100,5 @@ module.exports = {
    checkAppNotInitialized,
    checkApiAuthOrElectron,
    checkToken,
-    checkBasicAuth
+    checkCredentials
 };