summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--routers/events/events.go11
-rw-r--r--routers/routes/web.go2
2 files changed, 12 insertions, 1 deletions
diff --git a/routers/events/events.go b/routers/events/events.go
index 27dbb08fc8..aa8e2c8c74 100644
--- a/routers/events/events.go
+++ b/routers/events/events.go
@@ -30,6 +30,17 @@ func Events(ctx *context.Context) {
ctx.Resp.Header().Set("X-Accel-Buffering", "no")
ctx.Resp.WriteHeader(http.StatusOK)
+ if !ctx.IsSigned {
+ // Return unauthorized status event
+ event := (&eventsource.Event{
+ Name: "unauthorized",
+ Data: "sorry",
+ })
+ _, _ = event.WriteTo(ctx)
+ ctx.Resp.Flush()
+ return
+ }
+
// Listen to connection close and un-register messageChan
notify := ctx.Req.Context().Done()
ctx.Resp.Flush()
diff --git a/routers/routes/web.go b/routers/routes/web.go
index 166b4286a8..e59609d831 100644
--- a/routers/routes/web.go
+++ b/routers/routes/web.go
@@ -400,7 +400,7 @@ func RegisterRoutes(m *web.Route) {
})
}, reqSignOut)
- m.Any("/user/events", reqSignIn, events.Events)
+ m.Any("/user/events", events.Events)
m.Group("/login/oauth", func() {
m.Get("/authorize", bindIgnErr(auth.AuthorizationForm{}), user.AuthorizeOAuth)