From 5d900f082f7bc4bc1f8a66c72cfe7a9e03637514 Mon Sep 17 00:00:00 2001 From: rcourtman Date: Sat, 13 Dec 2025 21:28:50 +0000 Subject: [PATCH] feat: support token query parameter for WebSocket authentication Allows WebSocket connections to authenticate via ?token= query parameter when headers cannot be sent (browser WebSocket limitations). --- internal/api/auth.go | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/internal/api/auth.go b/internal/api/auth.go index e773285..e3e066c 100644 --- a/internal/api/auth.go +++ b/internal/api/auth.go @@ -283,6 +283,12 @@ func CheckAuth(cfg *config.Config, w http.ResponseWriter, r *http.Request) bool } } } + // Check query parameter (for WebSocket connections that can't send headers) + if queryToken := r.URL.Query().Get("token"); queryToken != "" { + if validateToken(queryToken) { + return true + } + } } // Check session cookie (for WebSocket and UI)