fix: take auth header from initial request too

2026-04-02 10:01:43 -07:00 · 2026-04-02 10:01:43 -07:00 · 5548fe2bb7
commit 5548fe2bb7
parent d7a1b5852c
2 changed files with 14 additions and 2 deletions
--- a/src/server/base.ts
+++ b/src/server/base.ts
@ -1011,7 +1011,7 @@ export abstract class Server {
    await Promise.all(deletes);

    debug(
-      'updating storage manifest to version=%j for=%j',
+      'updating storage manifest to version=%d for=%j',
      manifest.version,
      device.debugId,
    );
--- a/src/server/ws/connection.ts
+++ b/src/server/ws/connection.ts
@ -1015,8 +1015,10 @@ export class Connection extends Service {
    }

    if (path === '/v1/websocket/') {
+      await this.handleAuthHeaders(this.request.headers);
      return;
    }
+
    debug('websocket connection has unexpected URL %s', url);
  }

@ -1080,11 +1082,21 @@ export class Connection extends Service {
      return;
    }

+    await this.handleAuthHeaders(headers);
+  }
+
+  private async handleAuthHeaders(
+    headers: Record<string, string | Array<string> | undefined>,
+  ) {
    const authHeaders = headers.authorization;
-    if (!authHeaders) {
+    if (authHeaders === undefined) {
      debug('Websocket connection does not include Authorization header');
      return;
    }
+    if (Array.isArray(authHeaders)) {
+      debug('Websocket connection includes multiple Authorization headers');
+      return;
+    }
    const { error, username, password } = parseAuthHeader(authHeaders, {
      allowEmptyPassword: true,
    });