add feature license management

backend/internal/common/router/middleware.go

@@ -13,24 +13,30 @@ import (
 // authMiddleware validates JWT tokens and sets user context
 func authMiddleware(authHandler *auth.Handler) gin.HandlerFunc {
 	return func(c *gin.Context) {
-		// Extract token from Authorization header
+		var token string
+
+		// Try to extract token from Authorization header first
 		authHeader := c.GetHeader("Authorization")
-		if authHeader == "" {
-			c.JSON(http.StatusUnauthorized, gin.H{"error": "missing authorization header"})
+		if authHeader != "" {
+			// Parse Bearer token
+			parts := strings.SplitN(authHeader, " ", 2)
+			if len(parts) == 2 && parts[0] == "Bearer" {
+				token = parts[1]
+			}
+		}
+
+		// If no token from header, try query parameter (for WebSocket)
+		if token == "" {
+			token = c.Query("token")
+		}
+
+		// If still no token, return error
+		if token == "" {
+			c.JSON(http.StatusUnauthorized, gin.H{"error": "missing authorization token"})
 			c.Abort()
 			return
 		}
 
-		// Parse Bearer token
-		parts := strings.SplitN(authHeader, " ", 2)
-		if len(parts) != 2 || parts[0] != "Bearer" {
-			c.JSON(http.StatusUnauthorized, gin.H{"error": "invalid authorization header format"})
-			c.Abort()
-			return
-		}
-
-		token := parts[1]
-
 		// Validate token and get user
 		user, err := authHandler.ValidateToken(token)
 		if err != nil {