Fix: Token auth always had a logged in user

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2024-12-20 12:51:17 +00:00 · 2018-02-04 13:00:33 +01:00 · 2018-02-04 13:00:33 +01:00 · 62985b6c66
commit 62985b6c66
parent ae4b6a7f2c
1 changed files with 6 additions and 2 deletions
--- a/auth_token.go
+++ b/auth_token.go
@ -60,14 +60,18 @@ func (a authToken) DetectUser(res http.ResponseWriter, r *http.Request) (string,
 	tmp := strings.SplitN(authHeader, " ", 2)
 	suppliedToken := tmp[1]

-	var user, token string
+	var (
+		user, token string
+		userFound   bool
+	)
 	for user, token = range a.Tokens {
 		if token == suppliedToken {
+			userFound = true
 			break
 		}
 	}

-	if user == "" {
+	if !userFound {
 		return "", nil, errNoValidUserFound
 	}