starred/pocket-id
1
0
Fork 0
mirror of https://github.com/pocket-id/pocket-id.git synced 2025-12-17 01:11:38 +03:00
Code Issues 121 Packages Projects Releases 16 Wiki Activity

fix: return correct error message if user isn't authorized

Browse Source
This commit is contained in:
Elias Schneider
2025-04-28 10:39:17 +02:00
parent 1efd1d182d
commit 86d2b5f59f
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
backend/internal/middleware/auth_middleware.go
View File

@@ -1,7 +1,9 @@
package middleware package middleware
import ( import (
"errors"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
"github.com/pocket-id/pocket-id/backend/internal/common"
"github.com/pocket-id/pocket-id/backend/internal/service" "github.com/pocket-id/pocket-id/backend/internal/service"
) )
@@ -69,6 +71,13 @@ func (m *AuthMiddleware) Add() gin.HandlerFunc {
return return
} }
// If JWT auth failed and the error is not a NotSignedInError, abort the request
if !errors.Is(err, &common.NotSignedInError{}) {
c.Abort()
_ = c.Error(err)
return
}
// JWT auth failed, try API key auth // JWT auth failed, try API key auth
userID, isAdmin, err = m.apiKeyMiddleware.Verify(c, m.options.AdminRequired) userID, isAdmin, err = m.apiKeyMiddleware.Verify(c, m.options.AdminRequired)
if err == nil { if err == nil {