From 1287f8d599f2d7c54f9d35de328721e848e04244 Mon Sep 17 00:00:00 2001
From: Katelyn Gigante <clockwork.singularity@gmail.com>
Date: Sat, 27 Jan 2024 16:33:33 +1100
Subject: [PATCH] Support both

---
 gatherling/api_lib.php | 27 +++++++++++++++++----------
 1 file changed, 17 insertions(+), 10 deletions(-)

diff --git a/gatherling/api_lib.php b/gatherling/api_lib.php
index 6dee46553..b81525c77 100644
--- a/gatherling/api_lib.php
+++ b/gatherling/api_lib.php
@@ -48,20 +48,27 @@ function is_admin()
 /** @return bool  */
 function auth()
 {
+    $username = null;
+    $apikey = null;
     if (isset($_SERVER['PHP_AUTH_USER']) && isset($_SERVER['PHP_AUTH_PW'])) {
         $username = $_SERVER['PHP_AUTH_USER'];
         $apikey = $_SERVER['PHP_AUTH_PW'];
-        if (is_null($username) || is_null($apikey)) {
-            return false;
-        }
+    }
+    if (isset($_SERVER['HTTP_X_USERNAME']) && isset($_SERVER['HTTP_X_APIKEY'])) {
+        $username = $_SERVER['HTTP_X_USERNAME'];
+        $apikey = $_SERVER['HTTP_X_APIKEY'];
+    }
 
-        $player = Player::findByName($username);
-        if (is_null($player)) {
-            return false;
-        }
-        if ($player->api_key == $apikey) {
-            $_SESSION['username'] = $player->name;
-        }
+    if (is_null($username) || is_null($apikey)) {
+        return false;
+    }
+
+    $player = Player::findByName($username);
+    if (is_null($player)) {
+        return false;
+    }
+    if ($player->api_key == $apikey) {
+        $_SESSION['username'] = $player->name;
     }
 
     return Player::isLoggedIn();