From 393fc3dbb2b134b1654b31a0970ef877a2e4ea77 Mon Sep 17 00:00:00 2001
From: Paul Bienkowski <pb@opatut.de>
Date: Tue, 24 Nov 2020 23:22:22 +0100
Subject: [PATCH] fix: handle requests without authorization header

---
 routes/auth.js | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/routes/auth.js b/routes/auth.js
index e29fac8..70f4ed7 100644
--- a/routes/auth.js
+++ b/routes/auth.js
@@ -22,7 +22,8 @@ const jwtOptional = jwt({
 
 function getUserIdMiddleware(req, res, next) {
   try {
-    const [tokenType, token] = req.headers.authorization.split(' ') || [];
+    const authorization = req.headers.authorization;
+    const [tokenType, token] = (authorization && authorization.split(' ')) || [];
 
     if (tokenType === 'Token' || tokenType === 'Bearer') {
       return jwtOptional(req, res, next);