Improve SSE status and event auth handling

2026-03-27 17:55:28 +08:00
parent f437f6939c
commit 65b29bcf03
6 changed files with 77 additions and 22 deletions
--- a/go-server/internal/api/auth.go
+++ b/go-server/internal/api/auth.go
@@ -9,6 +9,13 @@ import (
 func bearerAuthMiddleware(requiredToken string) func(http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+			if r.URL.Path == "/api/events" {
+				if r.URL.Query().Get("access_token") == requiredToken {
+					next.ServeHTTP(w, r)
+					return
+				}
+			}
+
 			auth := r.Header.Get("Authorization")
 			if !strings.HasPrefix(auth, "Bearer ") {
 				writeError(w, http.StatusUnauthorized, "Missing or invalid Authorization header")