Authorization middleware supports cookie or authorization header

[niamu]

This change in the middleware supports both the Authorization header and Cookie methods of retrieving a valid auth token for a request.

---

CCCP reported this issue via Discord:

I'm getting a 401 unauthorized error on the stream.ass when using subtitles, with the experimental SSA/ASS subtitles turned on (so the subtitles do not work)
the request header appears to contain the cookie (token=value) but not the Authorization=value header.
"GET /api/v1/stream/991698fc-1e7f-448c-876a-bc329d83e908/data/stream.ass HTTP/1.1
Host: ip:8001
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/119.0
Accept: /
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ip:8001/static/media/jassub-worker.555dbf2f1bc54cf00628.js
Cookie: token=cookietokenvalue"

Using curl, if i do not send the Authorization header, i get {"error":"NoToken","messsage":"Invite token required."}
but if i send the correct -H "Authorization: token" header, then i get the subtitles without a problem.