From 5b35cea18185b9825cb900553e759c89bcb974b8 Mon Sep 17 00:00:00 2001
From: Amolith <amolith@secluded.site>
Date: Tue, 8 Feb 2022 17:28:04 -0500
Subject: [PATCH] Improve authentication handling

---
 create.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/create.go b/create.go
index 9e67d6dbd96046981724dcac8c7503c2630b419c..ba523a714c984727a40319ff94d1ba59f906d836 100644
--- a/create.go
+++ b/create.go
@@ -15,8 +15,9 @@ func (m *model) create(writer http.ResponseWriter, request *http.Request) {
 
 	token := request.Header.Get("Authorization")
 	token = strings.TrimPrefix(token, "Bearer ")
+	cookie, err := request.Cookie("access_token")
 
-	if token != m.AccessToken {
+	if token != m.AccessToken && cookie.Value != m.AccessToken {
 		http.Error(writer, "401 Unauthorized: You do not have permission to create shortlinks", 403)
 		return
 	}