From b6d5ee5848044c315cc68dbadcc3202d30bf288a Mon Sep 17 00:00:00 2001
From: Dita Aji Pratama <ditaajipratama@protonmail.com>
Date: Tue, 11 Feb 2025 13:26:33 +0700
Subject: [PATCH] Update logout to get jwt only from Bearer

---
 modules/api/auth.py | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/modules/api/auth.py b/modules/api/auth.py
index b5188b8..3c4b761 100644
--- a/modules/api/auth.py
+++ b/modules/api/auth.py
@@ -447,7 +447,15 @@ class auth:
         APIADDR     = "/api/auth/logout"
         loggorilla.prcss(APIADDR, "Define parameters")
         response    = {}
-        jwt         = params["jwt"  ]
+        loggorilla.prcss(APIADDR, "Extract the token from Header")
+        auth_header = request.get_header('Authorization')
+        loggorilla.prcss(APIADDR, "Check the bearer")
+        if auth_header.split(' ')[0] == 'Bearer':
+            loggorilla.fyinf(APIADDR, "Use bearer")
+            jwt 	    = auth_header.split(' ')[1]
+        else:
+            loggorilla.fyinf(APIADDR, "Not use bearer")
+            jwt = None
         payload     = tokenguard.decode(jwt, globalvar.ssh['key']['public'])
         session_id  = payload["session"]["id"]
         self.cursor.execute("BEGIN;")