From fd2190e969f5e90380ff860c4fde75f174de89e6 Mon Sep 17 00:00:00 2001
From: Yuli <stremovsky@gmail.com>
Date: Thu, 20 Feb 2025 13:43:46 +0200
Subject: [PATCH] Fix auth check

---
 src/bunker.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/bunker.go b/src/bunker.go
index d83f686..53689fe 100644
--- a/src/bunker.go
+++ b/src/bunker.go
@@ -408,11 +408,16 @@ func (e mainEnv) getUserToken(w http.ResponseWriter, r *http.Request, mode strin
 		if event != nil {
 			event.Record = userToken
 		}
+		_, exists := r.Header["X-Bunker-Token"]
+                // if strict check is disabled and we have no auth token
+                if exists == false && strictCheck == false {
+                        return userToken, userBSON, nil
+                }
 		//log.Printf("getUserToken -> EnforceAuth()")
 		if e.EnforceAuth(w, r, event) == "" {
 			//log.Printf("XToken validation error")
 			return "", userBSON, errors.New("incorrect access token")
-	}
+		}
 		return userToken, userBSON, nil
 	}
 	// not found