From d00d66e0ec6628024aa4bc2b21f17d6a5edb1d3a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Miroslav=20=C5=A0ediv=C3=BD?= <sedivy.miro@gmail.com>
Date: Sun, 29 Aug 2021 17:23:49 +0200
Subject: [PATCH] api forbidden if login disabled.

---
 internal/api/router.go | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/internal/api/router.go b/internal/api/router.go
index 0198e8d0..d37dd00b 100644
--- a/internal/api/router.go
+++ b/internal/api/router.go
@@ -1,6 +1,7 @@
 package api
 
 import (
+	"errors"
 	"net/http"
 
 	"github.com/go-chi/chi"
@@ -74,7 +75,12 @@ func (api *ApiManagerCtx) Authenticate(next http.Handler) http.Handler {
 				api.sessions.CookieClearToken(w, r)
 			}
 
-			utils.HttpUnauthorized(w, err)
+			if errors.Is(err, types.ErrSessionLoginDisabled) {
+				utils.HttpForbidden(w, err)
+			} else {
+				utils.HttpUnauthorized(w, err)
+			}
+
 			return
 		}