From c0a10ab98c24a5c9f6920a796106e154003b37b0 Mon Sep 17 00:00:00 2001
From: Daniel <845765@qq.com>
Date: Fri, 29 Mar 2024 17:09:13 +0800
Subject: [PATCH] :art: Improve API Token authentication
 https://github.com/siyuan-note/siyuan/issues/10792

---
 kernel/model/session.go | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/kernel/model/session.go b/kernel/model/session.go
index d3d80dc26..1f1ea2273 100644
--- a/kernel/model/session.go
+++ b/kernel/model/session.go
@@ -235,8 +235,18 @@ func CheckAuth(c *gin.Context) {
 
 	// 通过 API token (header: Authorization)
 	if authHeader := c.GetHeader("Authorization"); "" != authHeader {
+		var token string
 		if strings.HasPrefix(authHeader, "Token ") {
-			token := strings.TrimPrefix(authHeader, "Token ")
+			token = strings.TrimPrefix(authHeader, "Token ")
+		} else if strings.HasPrefix(authHeader, "token ") {
+			token = strings.TrimPrefix(authHeader, "token ")
+		} else if strings.HasPrefix(authHeader, "Bearer ") {
+			token = strings.TrimPrefix(authHeader, "Bearer ")
+		} else if strings.HasPrefix(authHeader, "bearer ") {
+			token = strings.TrimPrefix(authHeader, "bearer ")
+		}
+
+		if "" != token {
 			if Conf.Api.Token == token {
 				c.Next()
 				return