Don't allow empty tokens (#13)

2025-01-02 21:44:26 +01:00 · 2025-01-02 21:44:26 +01:00 · e445039cb8
parent ca815c06f1
commit e445039cb8
1 changed files with 1 additions and 1 deletions
--- a/web.go
+++ b/web.go
@ -192,7 +192,7 @@ func protectedMiddleware() gin.HandlerFunc {
 		}

 		authToken, err := c.Cookie("authToken")
-		if err != nil || authToken != config.LocalAuthToken {
+		if err != nil || authToken != config.LocalAuthToken || authToken == "" {
 			c.JSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
 			c.Abort()
 			return