From eabbdafc1fb2c63624b73961e4de544b439662dc Mon Sep 17 00:00:00 2001
From: Adam Shiervani <adam.shiervani@gmail.com>
Date: Thu, 2 Jan 2025 20:59:40 +0100
Subject: [PATCH] Don't allow empty tokens

---
 web.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web.go b/web.go
index 87cbd18..64f8de7 100644
--- a/web.go
+++ b/web.go
@@ -192,7 +192,7 @@ func protectedMiddleware() gin.HandlerFunc {
 		}
 
 		authToken, err := c.Cookie("authToken")
-		if err != nil || authToken != config.LocalAuthToken {
+		if err != nil || authToken != config.LocalAuthToken || authToken == "" {
 			c.JSON(http.StatusUnauthorized, gin.H{"error": "Unauthorized"})
 			c.Abort()
 			return