From 437c2e5b4b45370ef14877b1bfc5263a1a765787 Mon Sep 17 00:00:00 2001
From: LittleSheep
Date: Sun, 17 Mar 2024 23:13:44 +0800
Subject: [PATCH] :bug: Fix didn't handle invalid auth sessions
---
 pkg/server/auth.go | 2 +-
 pkg/services/auth.go | 2 ++
 2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/pkg/server/auth.go b/pkg/server/auth.go
index 557796a..06fee74 100644
--- a/pkg/server/auth.go
+++ b/pkg/server/auth.go
@@ -46,6 +46,6 @@ func authFunc(c *fiber.Ctx, overrides ...string) error {
 c.Locals("principal", user)
 return nil
 } else {
- return err
+ return fiber.NewError(fiber.StatusUnauthorized, err.Error())
 }
 }
diff --git a/pkg/services/auth.go b/pkg/services/auth.go
index 9ce0556..bc0d225 100644
--- a/pkg/services/auth.go
+++ b/pkg/services/auth.go
@@ -56,6 +56,8 @@ func Authenticate(atk, rtk string) (models.Account, string, string, error) {
 })
 if err != nil {
 return user, reply.GetAccessToken(), reply.GetRefreshToken(), err
+ } else if !reply.IsValid {
+ return user, reply.GetAccessToken(), reply.GetRefreshToken(), fmt.Errorf("invalid authorization context")
 }
 user, err = LinkAccount(reply.Userinfo)
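Review bot: The new `return fiber.NewError(fiber.StatusUnauthorized, err.Error())` in authFunc turns every failure on this path into a 401 and sends the raw error text to the client. Where `err` comes from is above the hunk, but if it is the result of `Authenticate` in pkg/services/auth.go, that function (per the second file in this commit) also returns errors from its upstream call and from `LinkAccount`, so a backend failure would be reported as an unauthorized session and internal error detail could end up in the response body. I would reserve 401 for the rejected-session case, let other errors surface as a 5xx, and return a fixed message such as `return fiber.NewError(fiber.StatusUnauthorized, "invalid or expired session")` while logging `err` on the server side.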
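Review bot: The added `else if !reply.IsValid` branch in Authenticate builds its error with `fmt.Errorf("invalid authorization context")`, which has no format verbs and gives callers nothing to match on. A package-level sentinel, for example `var ErrInvalidSession = errors.New("invalid authorization context")`, would let the HTTP layer use `errors.Is` to tell a rejected session apart from a transport or storage failure. The branch also hands back `reply.GetAccessToken()` and `reply.GetRefreshToken()` from a reply that was just judged invalid; `return user, "", "", ErrInvalidSession` would keep a caller from reusing those values by accident. Authenticate begins above the hunk and continues past it, so how callers treat the returned tokens on error is not visible here.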