From d9c03e231e65e3d966fa527bfbdd7cf2b19f21c7 Mon Sep 17 00:00:00 2001
From: Jan Bader <jan@javil.eu>
Date: Fri, 4 Feb 2022 21:40:22 +0000
Subject: [PATCH] Improve error when no auth supplied

---
 http/session.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/http/session.go b/http/session.go
index 32506f7..e784d03 100644
--- a/http/session.go
+++ b/http/session.go
@@ -12,6 +12,10 @@ import (
 
 func (h *Handler) verifyLogin(c *gin.Context) (budgeteer.Token, error) {
 	tokenString := c.GetHeader("Authorization")
+	if len(tokenString) < 8 {
+		return nil, fmt.Errorf("no authorization header supplied")
+	}
+
 	tokenString = tokenString[7:]
 	token, err := h.TokenVerifier.VerifyToken(tokenString)
 	if err != nil {