feat: amo unauthirized way

middleware/http_middleware.go

@@ -31,8 +31,7 @@ func NewMiddleware(
 	allowedRoles map[string]string,
 ) *Middleware {
 	return &Middleware{
-		logger: logger,
-		//	mongo:          mongo,
+		logger:         logger,
 		allowedOrigins: allowedOrigins,
 		allowedRoles:   allowedRoles,
 	}
@@ -118,16 +117,20 @@ func (mw *Middleware) MiddlewareJwt(next http.Handler) http.Handler {
 				return
 			}
 			if len(r.Header[jwt_adapter.DefaultHeaderKey]) <= 0 {
-				if sessCookie, err := r.Cookie(sessionKey); err != nil {
-					id := xid.New().String()
-					adapter = &jwt_adapter.JwtAdapter{Id: id}
-					http.SetCookie(w, &http.Cookie{
-						Name:    sessionKey,
-						Value:   id,
-						Expires: time.Now().Add(time.Hour * 24 * 30),
-					})
+				if len(r.Header[sessionKey]) <= 0 {
+					if sessCookie, err := r.Cookie(sessionKey); err != nil {
+						id := xid.New().String()
+						adapter = &jwt_adapter.JwtAdapter{Id: id}
+						http.SetCookie(w, &http.Cookie{
+							Name:    sessionKey,
+							Value:   id,
+							Expires: time.Now().Add(time.Hour * 24 * 30),
+						})
+					} else {
+						adapter = &jwt_adapter.JwtAdapter{Id: sessCookie.Value}
+					}
 				} else {
-					adapter = &jwt_adapter.JwtAdapter{Id: sessCookie.Value}
+					adapter = &jwt_adapter.JwtAdapter{Id: r.Header[sessionKey][0]}
 				}
 			} else {
 				token = r.Header[jwt_adapter.DefaultHeaderKey][0]