Merge pull request #226 from effectivemade/backendApp/hotfix/auth

Fix TokenExtractor
effectivemade · Dec 7, 2023 · 0a556fb · 0a556fb
2 parents fed6ff3 + ff82de5
commit 0a556fb
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 4 deletions.
diff --git a/...iveOfficeBackend/src/main/kotlin/office/effective/features/auth/service/TokenExtractor.kt b/...iveOfficeBackend/src/main/kotlin/office/effective/features/auth/service/TokenExtractor.kt
@@ -13,9 +13,10 @@ class TokenExtractor {
      * */
     fun extractToken(call: ApplicationCall): String? {
         val logger = LoggerFactory.getLogger(this::class.java)
-        return call.request.parseAuthorizationHeader()?.render()?.split("Bearer ")?.last() ?: run {
+        val rendered = call.request.parseAuthorizationHeader()?.render() ?: run {
             logger.info("Cannot find auth token")
             return null
         }
+        return rendered.split("Bearer ").last()
     }
 }
diff --git a/effectiveOfficeBackend/src/main/kotlin/office/effective/plugins/CustomAuthorizationPlugin.kt b/effectiveOfficeBackend/src/main/kotlin/office/effective/plugins/CustomAuthorizationPlugin.kt
@@ -22,12 +22,12 @@ val CustomAuthorizationPlugin = createApplicationPlugin(name = "CustomAuthorizat
     onCall { call ->
         run {
             if (pluginOn) {
-                if (!authenticationPipeline.authorize(call)) {
+                if (authenticationPipeline.authorize(call)) {
+                    logger.debug("Authorization succeed")
+                } else {
                     logger.info("Authorization failed")
                     call.response.status(HttpStatusCode.Unauthorized)
                     call.respond("401: authorization failed")
-                } else {
-                    logger.debug("Authorization succeed")
                 }
 
             }