unauthorized when you have no cookies (#221)

GenerateNU · Feb 17, 2024 · ca9d0b4 · ca9d0b4
1 parent a4e2e62
commit ca9d0b4
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/backend/src/middleware/auth.go b/backend/src/middleware/auth.go
@@ -67,6 +67,10 @@ func (m *MiddlewareService) Authorize(requiredPermissions ...auth.Permission) fu
 			return c.Next()
 		}
 
+		if c.Cookies("access_token") == "" || c.Cookies("refresh_token") == "" {
+			return errors.Unauthorized.FiberError(c)
+		}
+
 		role, err := auth.GetRoleFromToken(c.Cookies("access_token"), m.AuthSettings.AccessKey)
 		if err != nil {
 			return errors.FailedToParseAccessToken.FiberError(c)