Update CHANGELOG.md for version 0.51.2, enhance API key extraction to support query parameters, and implement internal auth context in status and storage handlers.

CHANGELOG.md

@@ -16,7 +16,16 @@ The format is based on [Keep a Changelog][keepachangelog] and adheres to [Semant
 
 ### Fixed
 
-## [0.51.0] - 2025-09-26
+## [0.51.2] - 2025-09-26
+
+### Added
+
+### Changed
+
+- Enhance gateway configuration by adding RQLiteDSN support and updating default connection settings. Updated config parsing to include RQLiteDSN from YAML and environment variables. Changed default RQLite connection URL from port 4001 to 5001.
+- Update CHANGELOG.md for version 0.51.2, enhance API key extraction to support query parameters, and implement internal auth context in status and storage handlers.
+
+## [0.51.1] - 2025-09-26
 
 ### Added
 
@@ -29,6 +38,7 @@ The format is based on [Keep a Changelog][keepachangelog] and adheres to [Semant
 - Updated node/node.go on loadOrCreateIdentity to use encryption.identity
 - Updated cli/main.go to remove fallbacks for identity
 - Updated install-debros-network.sh script to use new ./cmd/identity and fixed port order on print
+- Updated makefile and changelog
 
 ### Deprecated
 
@@ -37,7 +47,7 @@ The format is based on [Keep a Changelog][keepachangelog] and adheres to [Semant
 ### Fixed
 
 
-## [0.50.1] - 2025-09-23
+## [0.50.0] - 2025-09-23
 
 ### Added
 

pkg/gateway/middleware.go

@@ -130,7 +130,7 @@ func (g *Gateway) authMiddleware(next http.Handler) http.Handler {
 	})
 }
 
-// extractAPIKey extracts API key from Authorization or X-API-Key
+// extractAPIKey extracts API key from Authorization, X-API-Key header, or query parameters
 func extractAPIKey(r *http.Request) string {
 	// Prefer Authorization header
 	auth := r.Header.Get("Authorization")
@@ -148,10 +148,18 @@ func extractAPIKey(r *http.Request) string {
 			return strings.TrimSpace(auth)
 		}
 	}
-	// Fallback header
+	// Fallback to X-API-Key header
 	if v := strings.TrimSpace(r.Header.Get("X-API-Key")); v != "" {
 		return v
 	}
+	// Fallback to query parameter (for WebSocket support)
+	if v := strings.TrimSpace(r.URL.Query().Get("api_key")); v != "" {
+		return v
+	}
+	// Also check token query parameter (alternative name)
+	if v := strings.TrimSpace(r.URL.Query().Get("token")); v != "" {
+		return v
+	}
 	return ""
 }
 

pkg/gateway/status_handlers.go

@@ -60,7 +60,8 @@ func (g *Gateway) statusHandler(w http.ResponseWriter, r *http.Request) {
 		writeError(w, http.StatusServiceUnavailable, "client not initialized")
 		return
 	}
-	ctx := r.Context()
+	// Use internal auth context to bypass client credential requirements
+	ctx := client.WithInternalAuth(r.Context())
 	status, err := g.client.Network().GetStatus(ctx)
 	if err != nil {
 		writeError(w, http.StatusInternalServerError, err.Error())

pkg/gateway/storage_handlers.go

@@ -3,6 +3,8 @@ package gateway
 import (
 	"encoding/json"
 	"net/http"
+
+	"github.com/DeBrosOfficial/network/pkg/client"
 )
 
 // Database HTTP handlers
@@ -12,7 +14,8 @@ func (g *Gateway) networkStatusHandler(w http.ResponseWriter, r *http.Request) {
 		writeError(w, http.StatusServiceUnavailable, "client not initialized")
 		return
 	}
-	ctx := r.Context()
+	// Use internal auth context to bypass client credential requirements
+	ctx := client.WithInternalAuth(r.Context())
 	status, err := g.client.Network().GetStatus(ctx)
 	if err != nil {
 		writeError(w, http.StatusInternalServerError, err.Error())
@@ -26,7 +29,8 @@ func (g *Gateway) networkPeersHandler(w http.ResponseWriter, r *http.Request) {
 		writeError(w, http.StatusServiceUnavailable, "client not initialized")
 		return
 	}
-	ctx := r.Context()
+	// Use internal auth context to bypass client credential requirements
+	ctx := client.WithInternalAuth(r.Context())
 	peers, err := g.client.Network().GetPeers(ctx)
 	if err != nil {
 		writeError(w, http.StatusInternalServerError, err.Error())