v0.1.4 (#38)

Reviewed-on: wrenn/wrenn#38 Co-authored-by: pptx704 <rafeed@omukk.dev> Co-committed-by: pptx704 <rafeed@omukk.dev>
2026-05-01 09:01:08 +00:00
parent 52ad21c339
commit 4fcc19e91f
23 changed files with 437 additions and 117 deletions
--- a/internal/api/middleware_jwt.go
+++ b/internal/api/middleware_jwt.go
@ -22,13 +22,6 @@ func requireJWT(secret []byte, queries *db.Queries) func(http.Handler) http.Hand
 				tokenStr = strings.TrimPrefix(header, "Bearer ")
 			}
 			if tokenStr == "" {
-				// WebSocket upgrade requests may not have an Authorization header
-				// (browsers cannot set custom headers on WS connections). Let them
-				// through — the handler authenticates via the first WS message.
-				if isWebSocketUpgrade(r) {
-					next.ServeHTTP(w, r)
-					return
-				}
 				writeError(w, http.StatusUnauthorized, "unauthorized", "Authorization: Bearer <token> required")
 				return
 			}