diff --git a/routers/events/events.go b/routers/events/events.go index 27dbb08fc8ea..aa8e2c8c74df 100644 --- a/routers/events/events.go +++ b/routers/events/events.go @@ -30,6 +30,17 @@ func Events(ctx *context.Context) { ctx.Resp.Header().Set("X-Accel-Buffering", "no") ctx.Resp.WriteHeader(http.StatusOK) + if !ctx.IsSigned { + // Return unauthorized status event + event := (&eventsource.Event{ + Name: "unauthorized", + Data: "sorry", + }) + _, _ = event.WriteTo(ctx) + ctx.Resp.Flush() + return + } + // Listen to connection close and un-register messageChan notify := ctx.Req.Context().Done() ctx.Resp.Flush() diff --git a/routers/routes/web.go b/routers/routes/web.go index 166b4286a87b..e59609d83117 100644 --- a/routers/routes/web.go +++ b/routers/routes/web.go @@ -400,7 +400,7 @@ func RegisterRoutes(m *web.Route) { }) }, reqSignOut) - m.Any("/user/events", reqSignIn, events.Events) + m.Any("/user/events", events.Events) m.Group("/login/oauth", func() { m.Get("/authorize", bindIgnErr(auth.AuthorizationForm{}), user.AuthorizeOAuth)