From 0be88678df3c88065f045a5636edd4b970c51740 Mon Sep 17 00:00:00 2001
From: Hugo H <hugo@haaxman.co.uk>
Date: Sat, 13 Sep 2025 19:50:01 +0100
Subject: [PATCH] Use headers instead of body for token Now the endpoints
 follow HTTP rules in GET requests

---
 main.py | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/main.py b/main.py
index 381f413..0993248 100644
--- a/main.py
+++ b/main.py
@@ -89,7 +89,7 @@ def checkChatPermission(token, chatId, permission):
 @app.route('/api/user/chats', methods = ['GET'])
 def getUserChats():
     # Get user auth token
-    token = request.json['token']
+    token = request.headers['token']
     a, userId = checkUserPermission(token, True)
     if (a == True):
         returnedChats = list(chatCollection.find({'permissions.' + userId : "view"}))
@@ -108,7 +108,7 @@ def getUserChats():
 @app.route('/api/chat/<_id>/details/<details>', methods = ['GET', 'POST'])
 def getChatHistory(_id, details):
     # Get user auth token
-    token = request.json['token']
+    token = request.headers['token']
     a, userId = checkChatPermission(token, _id, True)
     if (a == True):
         # If the user is trying to GET data
@@ -154,7 +154,7 @@ def getChatHistory(_id, details):
 @app.route('/api/chat/create', methods = ['POST'])
 def createChat():
     # Get user auth token
-    token = request.json['token']
+    token = request.headers['token']
     a, userId = checkUserPermission(token, "createChat")
     if (a == True):
         name = request.json['name']