From 33120b249625061f15c19b601f43436bd72662d7 Mon Sep 17 00:00:00 2001
From: Ink33 <51873347+Ink-33@users.noreply.github.com>
Date: Sat, 29 Aug 2020 16:44:31 +0800
Subject: [PATCH] Update websocket.go

---
 server/websocket.go | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/server/websocket.go b/server/websocket.go
index 7f0cae6..bc917e9 100644
--- a/server/websocket.go
+++ b/server/websocket.go
@@ -206,7 +206,7 @@ func (c *websocketClient) onBotPushEvent(m coolq.MSG) {
 
 func (s *websocketServer) event(w http.ResponseWriter, r *http.Request) {
 	if s.token != "" {
-		if r.URL.Query().Get("access_token") != s.token && strings.SplitN(r.Header.Get("Authorization"), " ", 2)[1] != s.token {
+		if r.URL.Query().Get("access_token") != s.token || strings.SplitN(r.Header.Get("Authorization"), " ", 2)[1] != s.token {
 			log.Warnf("已拒绝 %v 的 Websocket 请求: Token错误", r.RemoteAddr)
 			w.WriteHeader(401)
 			return
@@ -235,7 +235,7 @@ func (s *websocketServer) event(w http.ResponseWriter, r *http.Request) {
 
 func (s *websocketServer) api(w http.ResponseWriter, r *http.Request) {
 	if s.token != "" {
-		if r.URL.Query().Get("access_token") != s.token && strings.SplitN(r.Header.Get("Authorization"), " ", 2)[1] != s.token {
+		if r.URL.Query().Get("access_token") != s.token || strings.SplitN(r.Header.Get("Authorization"), " ", 2)[1] != s.token {
 			log.Warnf("已拒绝 %v 的 Websocket 请求: Token错误", r.RemoteAddr)
 			w.WriteHeader(401)
 			return
@@ -253,7 +253,7 @@ func (s *websocketServer) api(w http.ResponseWriter, r *http.Request) {
 
 func (s *websocketServer) any(w http.ResponseWriter, r *http.Request) {
 	if s.token != "" {
-		if r.URL.Query().Get("access_token") != s.token && strings.SplitN(r.Header.Get("Authorization"), " ", 2)[1] != s.token {
+		if r.URL.Query().Get("access_token") != s.token || strings.SplitN(r.Header.Get("Authorization"), " ", 2)[1] != s.token {
 			log.Warnf("已拒绝 %v 的 Websocket 请求: Token错误", r.RemoteAddr)
 			w.WriteHeader(401)
 			return