diff options
author | Julien Dessaux | 2024-11-15 23:59:14 +0100 |
---|---|---|
committer | Julien Dessaux | 2024-11-15 23:59:14 +0100 |
commit | 7c96e1b780243bfbe3ecc5b6874fe3497e2419d5 (patch) | |
tree | 3c4c84d9d6f414c97163d7101c2157dc904a4dd0 /pkg/basic_auth/middleware.go | |
parent | chore(tfstated): use a struct{} as context.Context key (diff) | |
download | tfstated-7c96e1b780243bfbe3ecc5b6874fe3497e2419d5.tar.gz tfstated-7c96e1b780243bfbe3ecc5b6874fe3497e2419d5.tar.bz2 tfstated-7c96e1b780243bfbe3ecc5b6874fe3497e2419d5.zip |
fix(tfstated): return 403 Forbidden on non existent account
Diffstat (limited to '')
-rw-r--r-- | pkg/basic_auth/middleware.go | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/pkg/basic_auth/middleware.go b/pkg/basic_auth/middleware.go index 94cac56..1b51c8a 100644 --- a/pkg/basic_auth/middleware.go +++ b/pkg/basic_auth/middleware.go @@ -23,6 +23,10 @@ func Middleware(db *database.DB) func(http.Handler) http.Handler { http.Error(w, "Internal Server Error", http.StatusInternalServerError) return } + if account == nil { + http.Error(w, "Forbidden", http.StatusForbidden) + return + } if password != account.Password { http.Error(w, "Forbidden", http.StatusForbidden) return |