Update app.js

app.js

@@ -1,5 +1,5 @@
+// server.js (Bun) — with CORS enabled for WS and HTTP
 const rooms = new Map(); // roomId ⇒ Set<ServerWebSocket>
-const HARDCODED_TOKEN = "test-token-123";
 
 Bun.serve({
   port: Number(Bun.env.PORT) || 7860,
@@ -14,7 +14,7 @@ Bun.serve({
         headers: {
           "Access-Control-Allow-Origin": "*",
           "Access-Control-Allow-Methods": "GET, POST, OPTIONS",
-          "Access-Control-Allow-Headers": "Content-Type, Upgrade, Authorization",
+          "Access-Control-Allow-Headers": "Content-Type, Upgrade",
           "Access-Control-Allow-Credentials": "true",
         },
       });
@@ -22,11 +22,6 @@ Bun.serve({
 
     // Upgrade to WebSocket if requested
     if (req.headers.get("upgrade")?.toLowerCase() === "websocket") {
-      // Bearer token check
-      const auth = req.headers.get("authorization");
-      if (auth !== `Bearer ${HARDCODED_TOKEN}`) {
-        return new Response("Unauthorized", { status: 401, headers: { "Access-Control-Allow-Origin": "*" } });
-      }
       // Accept the upgrade with CORS headers on the handshake
       const upgradeRes = server.upgrade(req, {
         headers: {
@@ -52,28 +47,15 @@ Bun.serve({
   <h2>Join a Room & Send Messages</h2>
   <input id="room" placeholder="Room ID"/>
   <button onclick="joinRoom()">Join Room</button>
-  <div>
-    <input type="checkbox" id="sendToken" checked>Send Bearer Token
-  </div>
   <div id="log"></div>
   <input id="msg" placeholder="Type a message" style="width:80%;"/>
   <button onclick="sendMsg()">Send</button>
   <script>
     var ws, currentRoom;
-    function connectWS() {
+    window.addEventListener('load', function() {
       var scheme = location.protocol === 'https:' ? 'wss' : 'ws';
       var socketUrl = scheme + '://' + location.host + '/';
-      var sendToken = document.getElementById('sendToken').checked;
-      if (ws && ws.readyState === 1) ws.close();
-      // Bun supports custom headers in WebSocket constructor, browsers do not!
-      try {
-        ws = sendToken
-          ? new WebSocket(socketUrl, { headers: { "Authorization": "Bearer test-token-123" } })
-          : new WebSocket(socketUrl);
-      } catch (e) {
-        log('Custom headers not supported in this environment.');
-        ws = new WebSocket(socketUrl);
-      }
+      ws = new WebSocket(socketUrl);
       ws.onopen = function(){ log('🔌 Connected'); };
       ws.onmessage = function(ev){
         var m = JSON.parse(ev.data);
@@ -81,9 +63,7 @@ Bun.serve({
       };
       ws.onerror = function(){ log('⚠️ WebSocket error'); };
       ws.onclose = function(c){ log('❌ Disconnected (code='+c.code+')'); };
-    }
-    window.addEventListener('load', connectWS);
-    document.getElementById('sendToken').addEventListener('change', connectWS);
+    });
     function joinRoom(){
       var id = document.getElementById('room').value.trim();
       if(!id) return alert('Enter room ID');
@@ -157,4 +137,5 @@ Bun.serve({
   }
 });
 
-console.log("✅ Bun realtime server running on port " + (Bun.env.PORT || 7860));
+console.log("✅ Bun realtime server running on port " + (Bun.env.PORT || 7860));
+