diff options
| author | Manuel Nuñez <10672208+mind-ar@users.noreply.github.com> | 2022-09-04 19:21:30 -0300 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-09-05 08:21:30 +1000 |
| commit | ca85992ac6dabafd8410a8928c01ebb8edaf6d7c (patch) | |
| tree | 8a7349f15cb3a603ca2eed97bb6a73bc1b262e02 /internal/handlers/response.go | |
| parent | 6cc182de0827ef71ce69bc2f4ad4e0fb89a54bfa (diff) | |
fix(handlers): verify handler (#3956)
When an anonymous user tries to access a forbidden resource with no subject, we should response with 403.
Fixes #3084
Diffstat (limited to 'internal/handlers/response.go')
| -rw-r--r-- | internal/handlers/response.go | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/internal/handlers/response.go b/internal/handlers/response.go index e1a9d970e..83f5de59d 100644 --- a/internal/handlers/response.go +++ b/internal/handlers/response.go @@ -87,7 +87,7 @@ func Handle1FAResponse(ctx *middlewares.AutheliaCtx, targetURI, requestMethod st return } - requiredLevel := ctx.Providers.Authorizer.GetRequiredLevel( + _, requiredLevel := ctx.Providers.Authorizer.GetRequiredLevel( authorization.Subject{ Username: username, Groups: groups, |