From 748cc21b9581b4575c5efe385a7601aba9a3f8a8 Mon Sep 17 00:00:00 2001
From: Mathieu Lussier <mathieu.lussier@hotmail.com>
Date: Thu, 4 Jul 2024 14:31:15 -0400
Subject: [PATCH] check token from authorization and extract it if needed

---
 src/middlewares/auth.middleware.ts | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/middlewares/auth.middleware.ts b/src/middlewares/auth.middleware.ts
index 6eff4e5..0c7020a 100644
--- a/src/middlewares/auth.middleware.ts
+++ b/src/middlewares/auth.middleware.ts
@@ -26,7 +26,11 @@ export const checkApiToken = async (
   res: Response,
   next: NextFunction
 ) => {
-  const token = req.headers['x-api-key'];
+  let token = req.headers['x-api-key'] || req.headers['authorization'];
+  // if token is in the authorization header, we need to extract it
+  if (token && token.toString().startsWith('Bearer ')) {
+    token = token.toString().replace('Bearer ', '');
+  }
   const secretKey = process.env.JWT_TOKEN_SECRET || '';
 
   if (!token) {