Abort middleware execution if no token header is present

2026-06-21 22:38:55 -04:00 · 2020-07-10 16:17:52 +02:00
parent 78ba2950d3
commit 94ea9ede89
1 changed files with 5 additions and 1 deletions
--- a/pkg/middleware/create_home.go
+++ b/pkg/middleware/create_home.go
@@ -25,12 +25,16 @@ func CreateHome(opts ...Option) func(next http.Handler) http.Handler {
 				"secret": opt.TokenManagerConfig.JWTSecret,
 			})
 			if err != nil {
-				opt.Logger.Err(err).Msg("error creating tokenManager")
 				w.WriteHeader(http.StatusInternalServerError)
 				return
 			}

 			token := r.Header.Get("x-access-token")
+			if token == "" {
+				next.ServeHTTP(w, r)
+				return
+			}
+
 			user, err := tokenManager.DismantleToken(r.Context(), token)
 			if err != nil {
 				opt.Logger.Err(err).Msg("error getting user from access token")