Fall-through to next middleware if Authorization isn't of type Bearer.

This should allow standard HTTP auth to function in a subsequent middleware down the stack. Closes #6
ammmir · Jan 26, 2012 · 8cb4ed0 · 8cb4ed0
1 parent 724bef4
commit 8cb4ed0
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/index.js b/index.js
@@ -33,7 +33,7 @@ OAuth2Provider.prototype.login = function() {
 
     if(req.query['access_token']) {
       atok = req.query['access_token'];
-    } else if(req.headers['authorization']) {
+    } else if((req.headers['authorization'] || '').indexOf('Bearer ') == 0) {
       atok = req.headers['authorization'].replace('Bearer', '').trim();
     } else {
       return next();