From f164d35c1cb757cc925ba05a9b56e1fddce55c1b Mon Sep 17 00:00:00 2001 From: "Builder.io" Date: Sun, 9 Nov 2025 06:45:58 +0000 Subject: [PATCH] completionId: cgen-02c71446f19f4d3fb0ed515f8a799ef0 cgen-02c71446f19f4d3fb0ed515f8a799ef0 --- server/index.ts | 35 +++++++++++++++++++++++++---------- 1 file changed, 25 insertions(+), 10 deletions(-) diff --git a/server/index.ts b/server/index.ts index bd5045ee..71d4794e 100644 --- a/server/index.ts +++ b/server/index.ts @@ -1240,26 +1240,41 @@ export function createServer() { app.post("/api/discord/admin-register-commands", async (req, res) => { try { const authHeader = req.headers.authorization; - const token = - authHeader?.replace("Bearer ", "") || (req.body?.token as string); + const tokenFromBody = req.body?.token as string; + + // Extract token from Bearer header + let token = null; + if (authHeader && authHeader.startsWith("Bearer ")) { + token = authHeader.substring(7); // Remove "Bearer " prefix + } else if (tokenFromBody) { + token = tokenFromBody; + } const adminToken = process.env.DISCORD_ADMIN_REGISTER_TOKEN; + + // Log for debugging console.log( - "[Discord] Token auth check - hasAdminToken:", - !!adminToken, - "hasProvidedToken:", - !!token, - "matches:", - token === adminToken, + "[Discord] Token auth check:", + JSON.stringify({ + adminToken: adminToken ? `***${adminToken.slice(-3)}` : "NOT_SET", + token: token ? `***${token.slice(-3)}` : "MISSING", + authHeader: authHeader ? "PRESENT" : "MISSING", + tokenFromBody: tokenFromBody ? "PRESENT" : "MISSING", + matches: token === adminToken, + }) ); if (!adminToken || !token || token !== adminToken) { console.error( - "[Discord] Authorization failed - adminToken set:", - !!adminToken, + "[Discord] Authorization failed - token mismatch or missing" ); return res.status(401).json({ error: "Unauthorized - invalid or missing admin token", + debug: { + hasAdminToken: !!adminToken, + hasProvidedToken: !!token, + tokenMatches: token === adminToken, + } }); }