From 3db95bfbadc4c6fe59844a5d81aa273192b2e4fb Mon Sep 17 00:00:00 2001
From: Jason Song <i@wolfogre.com>
Date: Thu, 29 Dec 2022 17:33:47 +0800
Subject: [PATCH] fix: check oauth2 user id

---
 services/auth/oauth2.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/services/auth/oauth2.go b/services/auth/oauth2.go
index 547dd0d183..3b401cf861 100644
--- a/services/auth/oauth2.go
+++ b/services/auth/oauth2.go
@@ -126,7 +126,8 @@ func (o *OAuth2) Verify(req *http.Request, w http.ResponseWriter, store DataStor
 	}
 
 	id := o.userIDFromToken(req, store)
-	if id == -1 || id <= -3 { // -2 means actions, so we need to allow it.
+
+	if id <= 0 && id != -2 { // -2 means actions, so we need to allow it.
 		return nil, nil
 	}
 	log.Trace("OAuth2 Authorization: Found token for user[%d]", id)