Change summary
create.go | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
Detailed changes
@@ -15,8 +15,9 @@ func (m *model) create(writer http.ResponseWriter, request *http.Request) {
token := request.Header.Get("Authorization")
token = strings.TrimPrefix(token, "Bearer ")
+ cookie, err := request.Cookie("access_token")
- if token != m.AccessToken {
+ if token != m.AccessToken && cookie.Value != m.AccessToken {
http.Error(writer, "401 Unauthorized: You do not have permission to create shortlinks", 403)
return
}