From 7718c07d964b4d1318fedf8f745abca6c9f03c57 Mon Sep 17 00:00:00 2001
From: Vasilica Olariu <olariu.vasilica@gmail.com>
Date: Tue, 16 Sep 2025 12:16:20 +0300
Subject: [PATCH] Fix missing token check

---
 src/shared/guards/tokenRoles.guard.ts | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/shared/guards/tokenRoles.guard.ts b/src/shared/guards/tokenRoles.guard.ts
index d340733..27c9da1 100644
--- a/src/shared/guards/tokenRoles.guard.ts
+++ b/src/shared/guards/tokenRoles.guard.ts
@@ -37,7 +37,11 @@ export class TokenRolesGuard implements CanActivate {
     const request = context.switchToHttp().getRequest<Request>();
 
     try {
-      const user = request['user'] ?? {};
+      const user = request['user'];
+
+      if (!user && (requiredRoles.length || requiredScopes.length)) {
+        throw new UnauthorizedException('Missing or invalid token!');
+      }
 
       // Check role-based access for regular users
       if (user.roles && requiredRoles.length > 0) {