From c2a56c82531aa4e3e4498e3c5e16cd2ab29c1275 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E5=BE=90=E6=B6=9B?= <midnite@outlook.com>
Date: Sun, 11 Jun 2023 17:35:50 +0800
Subject: [PATCH] =?UTF-8?q?enahnce(security):=E6=94=B9=E8=BF=9B=E5=AF=B9?=
 =?UTF-8?q?=E4=BA=8E=E4=BB=A4=E7=89=8C=E7=9A=84=E8=8E=B7=E5=8F=96=E3=80=82?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 security/security.go | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/security/security.go b/security/security.go
index dda0f61..38d5c7c 100644
--- a/security/security.go
+++ b/security/security.go
@@ -14,7 +14,11 @@ import (
 // ! 仅通过该中间件是不能保证上下文中一定保存有用户会话信息的。
 func SessionRecovery(c *fiber.Ctx) error {
 	if auth := c.Get("Authorization", ""); len(auth) > 0 {
-		token := strings.Fields(auth)[1]
+		authFields := strings.Fields(auth)
+		if len(authFields) != 2 || strings.ToLower(authFields[0]) != "bearer" || len(authFields[1]) == 0 {
+			return c.Next()
+		}
+		token := authFields[1]
 		session, err := cache.RetrieveSession(token)
 
 		if err == nil && session != nil {