fix: allow unauthenticated requests when BRIDGE_AUTH_TOKEN is not set

2026-04-21 19:58:10 +08:00 · 2026-04-21 19:58:10 +08:00 · 44a7869f0f
commit 44a7869f0f
parent 3047f818aa
1 changed files with 3 additions and 6 deletions
--- a/internal/service/token_auth_service.go
+++ b/internal/service/token_auth_service.go
@ -18,15 +18,12 @@ func (s *StaticTokenAuthService) ValidateToken(token string) bool {

 func (s *StaticTokenAuthService) ValidateAuthorizationHeader(header string) bool {
 	header = strings.TrimSpace(header)
+	if s.expectedToken == "" {
+		return true
+	}
 	if header == "" {
 		return false
 	}
-	if s.expectedToken == "" {
-		if !strings.HasPrefix(strings.ToLower(header), "bearer ") {
-			return false
-		}
-		return strings.TrimSpace(header[len("Bearer "):]) != ""
-	}
 	if header == s.expectedToken {
 		return true
 	}