fix: render 404 when not logged in

2 files changed, 7 insertions, 14 deletions

diff --git a/app/middleware/require_user.go b/app/middleware/require_user.go
index 8df4fd7..d0d5355 100644
--- a/app/middleware/require_user.go
+++ b/app/middleware/require_user.go
@@ -2,21 +2,16 @@ package middleware
 
 import (
 	"net/http"
-
-	"github.com/xlgmokha/x/pkg/x"
-	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg"
 )
 
-func RequireUser(code int, url string) func(http.Handler) http.Handler {
+func RequireUser() func(http.Handler) http.Handler {
 	return func(next http.Handler) http.Handler {
 		return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-			user := cfg.CurrentUser.From(r.Context())
-			if x.IsZero(user) {
-				http.Redirect(w, r, url, code)
-				return
+			if IsLoggedIn(r) {
+				next.ServeHTTP(w, r)
+			} else {
+				w.WriteHeader(http.StatusNotFound)
 			}
-
-			next.ServeHTTP(w, r)
 		})
 	}
 }
diff --git a/app/middleware/require_user_test.go b/app/middleware/require_user_test.go
index 17c0276..48afff7 100644
--- a/app/middleware/require_user_test.go
+++ b/app/middleware/require_user_test.go
@@ -4,7 +4,6 @@ import (
 	"net/http"
 	"testing"
 
-	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/domain"
@@ -12,7 +11,7 @@ import (
 )
 
 func TestRequireUser(t *testing.T) {
-	middleware := RequireUser(http.StatusFound, "/login")
+	middleware := RequireUser()
 
 	t.Run("when a user is not logged in", func(t *testing.T) {
 		t.Run("redirects to the homepage", func(t *testing.T) {
@@ -23,8 +22,7 @@ func TestRequireUser(t *testing.T) {
 			}))
 			server.ServeHTTP(w, r)
 
-			require.Equal(t, http.StatusFound, w.Code)
-			assert.Equal(t, "/login", w.Header().Get("Location"))
+			require.Equal(t, http.StatusNotFound, w.Code)
 		})
 	})