fix empty key

mdaneri · Jan 23, 2025 · e577132 · e577132
1 parent 318a0f2
commit e577132
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 6 deletions.
diff --git a/examples/Web-AuthManualErrorHandling.ps1 b/examples/Web-AuthManualErrorHandling.ps1
@@ -54,10 +54,9 @@ Start-PodeServer {
     # Configure custom API key authentication
     New-PodeAuthScheme -ApiKey | Add-PodeAuth -Name 'APIKey' -Sessionless -ScriptBlock {
         param($key)
-
         # Handle missing API key
         if (!$key) {
-            return @{ Success = $false; Reason = 'No X-API-KEY Header found' }
+            return @{ Success = $false; Reason = 'No Authentication Header found' }
         }
 
         # Validate API key
@@ -66,7 +65,7 @@ Start-PodeServer {
         }
 
         # Return failure for invalid users
-        return @{ Success = $false; User = $key; UserId = -1; Reason = 'Not existing user' }
+        return @{ Success = $false; User = $key; Reason = 'Not existing user' }
     }
 
     # Define an API route with manual authentication error handling

diff --git a/src/Private/Authentication.ps1 b/src/Private/Authentication.ps1
@@ -1280,6 +1280,11 @@ function Test-PodeAuthValidation {
             $result = (Invoke-PodeScriptBlock -ScriptBlock $auth.Scheme.ScriptBlock.Script -Arguments $_args -Return -Splat)
         }
 
+        # Remove the Middleware processed data if code is 400 - no token 
+        if ($NoMiddlewareAuthentication -and ($result.Code -eq 400)) {
+            $result = ''
+        }
+
         # If authentication script returns a non-hashtable, perform further validation
         if ($result -isnot [hashtable]) {
             $original = $result
@@ -1305,12 +1310,20 @@ function Test-PodeAuthValidation {
 
         # Handle results when invoked from a route script
         if ($NoMiddlewareAuthentication -and ($null -ne $result) -and ($result -is [hashtable])) {
+            if ($result.Success -is [bool]) {
+                $success = $result.Success
+            }
+            else {
+                $success = $false
+                [System.Exception]::new("The authentication Scriptblock must return an hashtable with a key named 'Success'") | Write-PodeErrorLog
+            }
+
             $ret = @{
-                Success         = $true
+                Success         = $success
                 User            = ''
                 Headers         = ''
-                IsAuthenticated = $result.Success
-                IsAuthorised    = $result.Success
+                IsAuthenticated = $success
+                IsAuthorised    = $success
                 Store           = !$auth.Sessionless
                 Name            = $Name
             }