From f9ae81bdfff726525010bfaaf54fc7af290c96c4 Mon Sep 17 00:00:00 2001
From: jbhusson <jonah@elixxir.io>
Date: Fri, 14 Feb 2020 10:05:44 -0800
Subject: [PATCH] add auth check to nb endpoints

---
 notifications/notifications.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/notifications/notifications.go b/notifications/notifications.go
index 6ad5eca..0e20f00 100644
--- a/notifications/notifications.go
+++ b/notifications/notifications.go
@@ -193,6 +193,9 @@ func pollForNotifications(nb *Impl) (strings []string, e error) {
 
 // RegisterForNotifications is called by the client, and adds a user registration to our database
 func (nb *Impl) RegisterForNotifications(clientToken []byte, auth *connect.Auth) error {
+	if !auth.IsAuthenticated {
+		return errors.New("Cannot register for notifications: client is not authenticated")
+	}
 	// Implement this
 	u := &storage.User{
 		Id:    auth.Sender.GetId(),
@@ -207,6 +210,9 @@ func (nb *Impl) RegisterForNotifications(clientToken []byte, auth *connect.Auth)
 
 // UnregisterForNotifications is called by the client, and removes a user registration from our database
 func (nb *Impl) UnregisterForNotifications(auth *connect.Auth) error {
+	if !auth.IsAuthenticated {
+		return errors.New("Cannot unregister for notifications: client is not authenticated")
+	}
 	err := nb.Storage.DeleteUser(auth.Sender.GetId())
 	if err != nil {
 		return errors.Wrap(err, "Failed to unregister user with notifications")
-- 
GitLab