clear check authorization.

coolq/bot.go

@@ -551,9 +551,3 @@ func formatMemberName(mem *client.GroupMemberInfo) string {
 	}
 	return fmt.Sprintf("%s(%d)", mem.DisplayName(), mem.Uin)
 }
-
-// ToJSON 生成JSON字符串
-func (m MSG) ToJSON() string {
-	b, _ := json.Marshal(m)
-	return string(b)
-}

server/http.go

@@ -97,12 +97,9 @@ func (s *httpServer) ServeHTTP(writer http.ResponseWriter, request *http.Request
 		writer.WriteHeader(http.StatusNotFound)
 		return
 	}
-
+	if status := checkAuth(request, s.accessToken); status != http.StatusOK {
-	if s.accessToken != "" {
+		writer.WriteHeader(status)
-		if status := checkAuth(request, s.accessToken); status != http.StatusOK {
+		return
-			writer.WriteHeader(status)
-			return
-		}
 	}
 
 	action := strings.TrimPrefix(request.URL.Path, "/")
@@ -116,6 +113,10 @@ func (s *httpServer) ServeHTTP(writer http.ResponseWriter, request *http.Request
 }
 
 func checkAuth(req *http.Request, token string) int {
+	if token == "" { // quick path
+		return http.StatusOK
+	}
+
 	auth := req.Header.Get("Authorization")
 	if auth == "" {
 		auth = req.URL.Query().Get("access_token")
@@ -126,13 +127,13 @@ func checkAuth(req *http.Request, token string) int {
 		}
 	}
 
-	switch {
+	switch auth {
-	case auth == "":
+	case token:
-		return http.StatusUnauthorized
-	case auth != token:
-		return http.StatusForbidden
-	default:
 		return http.StatusOK
+	case "":
+		return http.StatusUnauthorized
+	default:
+		return http.StatusForbidden
 	}
 }