From a77da6e6cf21d86a037e29082c7701a8d966fde0 Mon Sep 17 00:00:00 2001
From: Phara0h <jtwhissel@gmail.com>
Date: Wed, 7 Apr 2021 11:20:40 -0400
Subject: [PATCH] added more unique req headers coming from travelling.

---
 include/server/router.js | 14 +++++++-------
 include/utils/auth.js    |  1 +
 2 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/include/server/router.js b/include/server/router.js
index 442e3993..b5f1041c 100644
--- a/include/server/router.js
+++ b/include/server/router.js
@@ -130,15 +130,15 @@ class Router {
       // sets user id cookie every time to protect against tampering.
       if (authenticated && config.proxy.sendTravellingHeaders) {
         if (config.user.username.enabled) {
-          req.headers['un'] = sessionUser.username;
+          req.headers['t-user'] = sessionUser.username;
         }
 
-        req.headers['gn'] = routedGroup.name;
-        req.headers['gt'] = routedGroup.type;
-        req.headers['do'] = sessionUser.domain;
-        req.headers['uid'] = sessionUser.id;
-        req.headers['em'] = sessionUser.email;
-        req.headers['perm'] = r.name;
+        req.headers['t-grpn'] = routedGroup.name;
+        req.headers['t-grpt'] = routedGroup.type;
+        req.headers['t-dom'] = sessionUser.domain;
+        req.headers['t-id'] = sessionUser.id;
+        req.headers['t-email'] = sessionUser.email;
+        req.headers['t-perm'] = r.name;
       }
 
       if (req.raw.url.indexOf('/' + config.serviceName + '/') == 0 && !r.host) {
diff --git a/include/utils/auth.js b/include/utils/auth.js
index a785bdae..df654d17 100644
--- a/include/utils/auth.js
+++ b/include/utils/auth.js
@@ -33,6 +33,7 @@ var checkAuthHeader = async (req, res, router) => {
       return false;
     }
 
+    // Maybe optomize this with sessions?
     var user = await TokenHandler.checkAccessToken(splitAuth[1]);
 
     if (!user) {