From a2f92f92a22f37d1628e28bec8fb1481db858d49 Mon Sep 17 00:00:00 2001
From: SamTV12345 <40429738+samtv12345@users.noreply.github.com>
Date: Fri, 24 May 2024 21:30:31 +0200
Subject: [PATCH] Fixed api query authorization

---
 src/node/handler/APIHandler.ts | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/src/node/handler/APIHandler.ts b/src/node/handler/APIHandler.ts
index 9fae9eb93..5feb74eb9 100644
--- a/src/node/handler/APIHandler.ts
+++ b/src/node/handler/APIHandler.ts
@@ -175,9 +175,7 @@ exports.handle = async function (apiVersion: string, functionName: string, field
     throw new createHTTPError.NotFound('no such function');
   }
 
-  if(!req.headers.authorization) {
-    throw new createHTTPError.Unauthorized('no or wrong API Key');
-  }
+
 
   if (apikey !== null && apikey.trim().length > 0) {
     fields.apikey = fields.apikey || fields.api_key || fields.authorization;
@@ -186,6 +184,9 @@ exports.handle = async function (apiVersion: string, functionName: string, field
       throw new createHTTPError.Unauthorized('no or wrong API Key');
     }
   } else {
+    if(!req.headers.authorization) {
+      throw new createHTTPError.Unauthorized('no or wrong API Key');
+    }
     try {
       await jwtVerify(req.headers.authorization!.replace("Bearer ", ""), publicKeyExported!, {algorithms: ['RS256'],
         requiredClaims: ["admin"]})