From 65282fef2665e1b4195cb655e6b12aef69eda16d Mon Sep 17 00:00:00 2001
From: Florian Weber <fnwbr@users.noreply.github.com>
Date: Wed, 27 Apr 2022 13:02:57 +0200
Subject: [PATCH] Allow providing auth session token via HTTP header

---
 middlewares/session.js | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/middlewares/session.js b/middlewares/session.js
index b4830fb..dda0cea 100644
--- a/middlewares/session.js
+++ b/middlewares/session.js
@@ -23,7 +23,12 @@ module.exports = (req, res, next) => {
   }
 
   // authentication via session/cookie
-  const token = req.cookies["sdsession"];
+  let token = req.cookies["sdsession"];
+
+  if (!token || token == null) {
+    // authentication via session/header
+    token = req.headers["x-spacedeck-auth"];
+  }
 
   if (token && token != "null" && token != null) {
     db.Session.findOne({ where: { token: token } })