From caac722a72af841174afa04b92f809eae514f1fa Mon Sep 17 00:00:00 2001
From: Nabeel Shahzad <nshahzad@gmail.com>
Date: Sat, 30 Dec 2017 13:02:22 -0600
Subject: [PATCH] update check for api key

---
 app/Http/Middleware/ApiAuth.php | 2 +-
 tests/ApiTest.php               | 3 +++
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/app/Http/Middleware/ApiAuth.php b/app/Http/Middleware/ApiAuth.php
index 3a3082e9..ad4cc757 100644
--- a/app/Http/Middleware/ApiAuth.php
+++ b/app/Http/Middleware/ApiAuth.php
@@ -23,7 +23,7 @@ class ApiAuth
     {
         // Check if Authorization header is in place
         $auth = $request->header('Authorization', null);
-        if(empty($auth)) {
+        if($auth === null) {
             return $this->unauthorized('Authorization header missing');
         }
 
diff --git a/tests/ApiTest.php b/tests/ApiTest.php
index c70a023c..8b8476a7 100644
--- a/tests/ApiTest.php
+++ b/tests/ApiTest.php
@@ -29,6 +29,9 @@ class ApiTest extends TestCase
         $this->withHeaders(['Authorization' => 'invalidKey'])->get($uri)
             ->assertStatus(401);
 
+        $this->withHeaders(['Authorization' => ''])->get($uri)
+            ->assertStatus(401);
+
         // Test upper/lower case of Authorization header, etc
         $this->withHeaders($this->apiHeaders())->get($uri)
             ->assertStatus(200)