From fab6c32f9187a5cd3f8f75f48d4abf2aa8b940f8 Mon Sep 17 00:00:00 2001
From: Alexis Saettler
Date: Mon, 12 Jun 2023 13:18:43 +0200
Subject: [PATCH] fix: fix basic auth with token (#6673)
---
 app/Http/Middleware/AuthenticateWithTokenOnBasicAuth.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/app/Http/Middleware/AuthenticateWithTokenOnBasicAuth.php b/app/Http/Middleware/AuthenticateWithTokenOnBasicAuth.php
index 60820b2c0d7..18c817298f1 100644
--- a/app/Http/Middleware/AuthenticateWithTokenOnBasicAuth.php
+++ b/app/Http/Middleware/AuthenticateWithTokenOnBasicAuth.php
@@ -64,7 +64,8 @@ private function sanctumUser(Request $request): ?User
 $user = $this->sanctum()->setRequest($request)->user();

 // if there is no bearer token PHP_AUTH_USER header must match user email
- if ($user->currentAccessToken() !== null
+ if ($user !== null
+ && $user->currentAccessToken() !== null
 && $request->bearerToken() !== null
 && $request->getUser() !== $user->email) {
 return null;
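Review bot: The comment above the condition says the username check applies when there is no bearer token, but the condition requires `$request->bearerToken() !== null`, so comment and code read as opposites on the one check that ties the Basic auth username to the token owner. If the code is the intended behaviour, reword the comment to something like `// token-authenticated request: PHP_AUTH_USER must match the token owner's email`. The added `$user !== null` guard lets an unauthenticated request fall through this `if`; the rest of sanctumUser is outside the hunk, so confirm nothing after it dereferences `$user`, and an early `if ($user === null) { return null; }` would make that path explicit. The diffstat shows only the middleware changed, so a regression test for a request that carries no valid token would be worth adding alongside this fix.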