allow send the token via query param

Author: idanasulin2706

README.md

@@ -157,6 +157,14 @@ curl --location --request POST 'rest_gateway:4444/stations/<station_name>/produc
 --data-raw '{"message": "New Message"}'
 ```
 
+#### If you don't have the option to add the authorization header, you can send the JWT via query parameters:
+
+```
+curl --location --request POST 'rest_gateway:4444/stations/<station_name>/produce/single?authorization=eyJhbGciOiJIU**********.e30.4KOGRhUaqvm-qSHnmMwX5VrLKsvHo33u3UdJ0qYP0kI' \
+--header 'Content-Type: application/json' \
+--data-raw '{"message": "New Message"}'
+```
+
 Expected output:
 
 ```

middlewares/auth.go

@@ -71,10 +71,13 @@ func Authenticate(c *fiber.Ctx) error {
 		headers := c.GetReqHeaders()
 		tokenString, err := extractToken(headers["Authorization"])
 		if err != nil || tokenString == "" {
-			log.Warnf("Authentication error - jwt token is missing")
-			return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
-				"message": "Unauthorized",
-			})
+			tokenString = c.Query("authorization")
+			if tokenString == "" { // fallback - get the token from the query params
+				log.Warnf("Authentication error - jwt token is missing")
+				return c.Status(fiber.StatusUnauthorized).JSON(fiber.Map{
+					"message": "Unauthorized",
+				})
+			}
 		}
 		err = verifyToken(tokenString, configuration.JWT_SECRET)
 		if err != nil {