Hello team,

I've made some modifications related to JWT authentication that I would like to bring to your attention. It appears that token validation was not being performed in the methods listed below. Additionally, I attempted to integrate it with HLS, but encountered some issues. It might be beneficial to review these changes to ensure everything is functioning as expected.

Modified Files:

internal/api/api.go
internal/metrics/metrics.go
internal/playback/server.go
internal/pprof/pprof.go
Your feedback and review on these changes would be greatly appreciated. Please let me know if there are any concerns or if further adjustments are needed.

Thank you for your attention to this matter.

internal/api/api.go

@@ -296,6 +296,7 @@ func (a *API) mwAuth(ctx *gin.Context) {
 	err := a.AuthManager.Authenticate(&auth.Request{
 		User:   user,
 		Pass:   pass,
+		Query:  ctx.Request.URL.RawQuery,
 		IP:     net.ParseIP(ctx.ClientIP()),
 		Action: conf.AuthActionAPI,
 	})

internal/metrics/metrics.go

@@ -100,6 +100,7 @@ func (m *Metrics) mwAuth(ctx *gin.Context) {
 	err := m.AuthManager.Authenticate(&auth.Request{
 		User:   user,
 		Pass:   pass,
+		Query:  ctx.Request.URL.RawQuery,
 		IP:     net.ParseIP(ctx.ClientIP()),
 		Action: conf.AuthActionMetrics,
 	})

internal/playback/server.go

@@ -101,6 +101,7 @@ func (p *Server) doAuth(ctx *gin.Context, pathName string) bool {
 	err := p.AuthManager.Authenticate(&auth.Request{
 		User:   user,
 		Pass:   pass,
+		Query:  ctx.Request.URL.RawQuery,
 		IP:     net.ParseIP(ctx.ClientIP()),
 		Action: conf.AuthActionPlayback,
 		Path:   pathName,

internal/pprof/pprof.go

@@ -73,6 +73,7 @@ func (pp *PPROF) ServeHTTP(w http.ResponseWriter, r *http.Request) {
 	err := pp.AuthManager.Authenticate(&auth.Request{
 		User:   user,
 		Pass:   pass,
+		Query:  r.URL.RawQuery,
 		IP:     net.ParseIP(ip),
 		Action: conf.AuthActionMetrics,
 	})