add null check when using auth header (#39)

* add null check when using auth header * add changelog * update README
digitalcredentials · Mar 25, 2024 · f48270d · f48270d
1 parent 1b26c63
commit f48270d
Show file tree

Hide file tree

Showing 3 changed files with 12 additions and 15 deletions.
diff --git a/README.md b/README.md
@@ -5,12 +5,6 @@ CHECK OUT OUR [GETTING STARTED DOC](docs/GETTING_STARTED.md) FOR A STEP BY STEP
 [![Release Branch](https://img.shields.io/badge/release_branch-main-green.svg)](https://github.com/digitalcredentials/admin-dashboard/tree/main)
 [![License](https://img.shields.io/badge/license-mit-blue.svg)](https://github.com/digitalcredentials/admin-dashboard/blob/main/LICENSE)
 
-<p float="left">
-  <img src="https://github.com/learningeconomy/admin-dashboard/assets/2185016/9926ded7-40e9-4f18-a89a-bd788274903e" width="200" />
-    <img src="https://github.com/learningeconomy/admin-dashboard/assets/2185016/31882ce0-ce6e-4661-8c42-e64958accfc3" width="350" height="0" /> 
-  <img src="https://github.com/learningeconomy/admin-dashboard/assets/2185016/31882ce0-ce6e-4661-8c42-e64958accfc3" width="350" /> 
-</p>
-
 A system for:
 
 * uploading and managing credential data

diff --git a/src/CHANGELOG.md b/src/CHANGELOG.md
@@ -0,0 +1,7 @@
+# admin-dashboard Changelog
+
+## 0.1.1 - 2024-03-25
+### Changed
+- fixed error when no auth header present PR #39
+
+For previous history, see Git commits.
diff --git a/src/endpoints/getCredentialLinks.ts b/src/endpoints/getCredentialLinks.ts
@@ -12,18 +12,14 @@ const tenantName = process.env.TENANT_NAME ?? 'test';
 
 export const getCredentialLinks: PayloadHandler = async (req, res) => {
     let id: string;
+    let token: string;
 
-    const authHeader = req.headers.authorization;
-
-    if (!authHeader.startsWith('Bearer ')) return res.sendStatus(401);
-
-    const token = authHeader.split('Bearer ')[1];
-
-    try {
+    try { 
+        const authHeader = req.headers.authorization;
+        if (authHeader && !authHeader.startsWith('Bearer ')) return res.sendStatus(401);
+        token = authHeader.split('Bearer ')[1];
         const decoded = jwt.verify(token, secret);
-
         if (typeof decoded === 'string' || !decoded.id) return res.sendStatus(401);
-
         id = decoded.id;
     } catch (error) {
         return res.sendStatus(401);