From 5cc3e47c1a7303f8eb93c131718fbeeba0f4b511 Mon Sep 17 00:00:00 2001
From: suraimu-team <team@suraimu.com>
Date: Tue, 21 Oct 2025 02:01:58 +0800
Subject: [PATCH] fix(auth): Fix admin user authentication for /users/db-health
 endpoint by adding cookie JWT support (#422)

Fixed authentication issue for admin users accessing the /users/db-health endpoint:

- Added JWT token extraction from cookies (req.cookies?.jwt)
- Added support for Bearer token from Authorization header
- Improved error handling for missing and invalid tokens
- Ensured consistent authentication flow for admin users

Changes made:
- Check for JWT token in req.cookies?.jwt
- Support Bearer token from Authorization header
- Return 401 error when token is missing
- Return 401 error when token validation fails

Fixes: https://github.com/Termix-SSH/Support/issues/12
---
 src/backend/utils/auth-manager.ts | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/src/backend/utils/auth-manager.ts b/src/backend/utils/auth-manager.ts
index e560d845..5a1b3263 100644
--- a/src/backend/utils/auth-manager.ts
+++ b/src/backend/utils/auth-manager.ts
@@ -239,12 +239,19 @@ class AuthManager {
 
   createAdminMiddleware() {
     return async (req: Request, res: Response, next: NextFunction) => {
-      const authHeader = req.headers["authorization"];
-      if (!authHeader?.startsWith("Bearer ")) {
-        return res.status(401).json({ error: "Missing Authorization header" });
+      let token = req.cookies?.jwt;
+
+      if (!token) {
+        const authHeader = req.headers["authorization"];
+        if (authHeader?.startsWith("Bearer ")) {
+          token = authHeader.split(" ")[1];
+        }
+      }
+
+      if (!token) {
+        return res.status(401).json({ error: "Missing authentication token" });
       }
 
-      const token = authHeader.split(" ")[1];
       const payload = await this.verifyJWTToken(token);
 
       if (!payload) {