fix: get access token from Authorization header

This commit is contained in:
əlemi 2024-04-09 14:22:58 +02:00
parent b021ae5941
commit 1732fa23bd

View file

@ -50,7 +50,11 @@ class AppService:
async def _handler(self, request: web.Request) -> web.Response:
self.logger.debug("handling webhook callback %s", request)
hs_token = request.query.getone("access_token")
hs_token = request.headers.get("Authorization")
if not hs_token:
hs_token = request.query.get("access_token") # older method
else:
hs_token = hs_token.replace("Bearer ", "")
if not hs_token:
return web.Response(status=401)
if hs_token != self.hs_token: