From 5b679930de787efc2f70dfe7961cd1677ec2fa0f Mon Sep 17 00:00:00 2001
From: zadam <adam.zivner@gmail.com>
Date: Thu, 11 Feb 2021 23:04:42 +0100
Subject: [PATCH] revert accidentally committed auth changes, #1629

---
 src/routes/routes.js  | 2 +-
 src/services/auth.js  | 6 +++---
 src/services/setup.js | 6 +++---
 3 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/src/routes/routes.js b/src/routes/routes.js
index 62209124d..248cc6fe0 100644
--- a/src/routes/routes.js
+++ b/src/routes/routes.js
@@ -224,7 +224,7 @@ function register(app) {
     route(GET, '/api/setup/status', [], setupApiRoute.getStatus, apiResultHandler);
     route(POST, '/api/setup/new-document', [auth.checkAppNotInitialized], setupApiRoute.setupNewDocument, apiResultHandler);
     route(POST, '/api/setup/sync-from-server', [auth.checkAppNotInitialized], setupApiRoute.setupSyncFromServer, apiResultHandler, false);
-    route(GET, '/api/setup/sync-seed', [auth.checkCredentials], setupApiRoute.getSyncSeed, apiResultHandler);
+    route(GET, '/api/setup/sync-seed', [auth.checkBasicAuth], setupApiRoute.getSyncSeed, apiResultHandler);
     route(POST, '/api/setup/sync-seed', [auth.checkAppNotInitialized], setupApiRoute.saveSyncSeed, apiResultHandler, false);
 
     apiRoute(GET, '/api/sql/schema', sqlRoute.getSchema);
diff --git a/src/services/auth.js b/src/services/auth.js
index 514ef46e1..08fd0457a 100644
--- a/src/services/auth.js
+++ b/src/services/auth.js
@@ -77,8 +77,8 @@ function reject(req, res, message) {
     res.status(401).send(message);
 }
 
-function checkCredentials(req, res, next) {
-    const header = req.headers['trilium-cred'] || '';
+function checkBasicAuth(req, res, next) {
+    const header = req.headers.authorization || '';
     const token = header.split(/\s+/).pop() || '';
     const auth = new Buffer.from(token, 'base64').toString();
     const [username, password] = auth.split(/:/);
@@ -100,5 +100,5 @@ module.exports = {
     checkAppNotInitialized,
     checkApiAuthOrElectron,
     checkToken,
-    checkCredentials
+    checkBasicAuth
 };
diff --git a/src/services/setup.js b/src/services/setup.js
index 40f76c1b5..795b6a334 100644
--- a/src/services/setup.js
+++ b/src/services/setup.js
@@ -70,9 +70,9 @@ async function setupSyncFromSyncServer(syncServerHost, syncProxy, username, pass
         const resp = await request.exec({
             method: 'get',
             url: syncServerHost + '/api/setup/sync-seed',
-            headers: {
-                // not using Authorization header because some proxy servers will filter it out
-                'trilium-cred': Buffer.from(username + ':' + password).toString('base64')
+            auth: {
+                'user': username,
+                'pass': password
             },
             proxy: syncProxy,
             timeout: 30000 // seed request should not take long