From 54d52d8d2509f779bff5c01c1d9050d9d0e64f65 Mon Sep 17 00:00:00 2001
From: angular-moon <xiaoxuss@gmail.com>
Date: Thu, 7 Dec 2023 18:19:18 +0800
Subject: [PATCH] fixed: Adjust the api authentication sequence to
 preferentially process authentication to avoid incorrect authentication
 caused by cookies (#572)

---
 .../service/support/permission/controller.ts  | 24 +++++++++----------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/packages/service/support/permission/controller.ts b/packages/service/support/permission/controller.ts
index 8c03bfbe045..8df1cf4bd3a 100644
--- a/packages/service/support/permission/controller.ts
+++ b/packages/service/support/permission/controller.ts
@@ -115,6 +115,18 @@ export async function parseHeaderCert({
     {}) as ReqHeaderAuthType;
 
   const { uid, teamId, tmbId, appId, openApiKey, authType } = await (async () => {
+    if (authApiKey && authorization) {
+      // apikey from authorization
+      const authResponse = await parseAuthorization(authorization);
+      return {
+        uid: authResponse.uid,
+        teamId: authResponse.teamId,
+        tmbId: authResponse.tmbId,
+        appId: authResponse.appId,
+        openApiKey: authResponse.apikey,
+        authType: AuthUserTypeEnum.apikey
+      };
+    }
     if (authToken && (cookie || token)) {
       // user token(from fastgpt web)
       const res = await authCookieToken(cookie, token);
@@ -152,18 +164,6 @@ export async function parseHeaderCert({
       };
     }
 
-    if (authApiKey && authorization) {
-      // apikey from authorization
-      const authResponse = await parseAuthorization(authorization);
-      return {
-        uid: authResponse.uid,
-        teamId: authResponse.teamId,
-        tmbId: authResponse.tmbId,
-        appId: authResponse.appId,
-        openApiKey: authResponse.apikey,
-        authType: AuthUserTypeEnum.apikey
-      };
-    }
     return {
       uid: '',
       teamId: '',