From b05135420cb63dc52b70a8770a147f96ff3bc0ef Mon Sep 17 00:00:00 2001
From: grngxd <36968271+grngxd@users.noreply.github.com>
Date: Sun, 8 Jun 2025 20:45:39 +0100
Subject: [PATCH] fix jwt middleware

---
 .env.example         |  2 ++
 internal/auth/jwt.go | 16 +++++++++++-----
 2 files changed, 13 insertions(+), 5 deletions(-)

diff --git a/.env.example b/.env.example
index 76ca780..4fc749b 100644
--- a/.env.example
+++ b/.env.example
@@ -1,5 +1,7 @@
 IMAGE_PATH=/tmp
 REDIRECT_URI=http://localhost:8081/api/auth/callback
+FRONTEND_URI=
+DOMAIN=
 CLIENT_ID=
 CLIENT_SECRET=
 FRONTEND_URI=
diff --git a/internal/auth/jwt.go b/internal/auth/jwt.go
index 46cea85..7f21182 100644
--- a/internal/auth/jwt.go
+++ b/internal/auth/jwt.go
@@ -27,14 +27,20 @@ func invalidAuth(c *gin.Context) {
 
 func JwtMiddleware(secret string) gin.HandlerFunc {
 	return func(c *gin.Context) {
-		jwtSplit := strings.Split(c.GetHeader("Authorization"), " ")
+		jwt, err := c.Cookie("jwt")
+		if err != nil {
+			// js as a fallback incase hex does a stupid again
+			jwtSplit := strings.Split(c.GetHeader("Authorization"), " ")
 
-		if len(jwtSplit) < 2 || jwtSplit[0] != "Bearer" {
-			invalidAuth(c)
-			return
+			if len(jwtSplit) < 2 || jwtSplit[0] != "Bearer" {
+				invalidAuth(c)
+				return
+			}
+
+			jwt = jwtSplit[1]
 		}
 
-		claims, err := ValidateJWT(jwtSplit[1], secret)
+		claims, err := ValidateJWT(jwt, secret)
 		if err != nil {
 			invalidAuth(c)
 			return