From ae1f58697166fb1ec201efaefb5771b183e4d99b Mon Sep 17 00:00:00 2001
From: daniel <daniel.barbero@artica.es>
Date: Wed, 13 Mar 2024 14:24:29 +0100
Subject: [PATCH] Bug acl apiv2 pandora_enterprise#13065

---
 .../lib/Modules/Shared/Middlewares/UserTokenMiddleware.php   | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/pandora_console/include/lib/Modules/Shared/Middlewares/UserTokenMiddleware.php b/pandora_console/include/lib/Modules/Shared/Middlewares/UserTokenMiddleware.php
index 46107f57fe..237293e2b2 100644
--- a/pandora_console/include/lib/Modules/Shared/Middlewares/UserTokenMiddleware.php
+++ b/pandora_console/include/lib/Modules/Shared/Middlewares/UserTokenMiddleware.php
@@ -37,6 +37,9 @@ final class UserTokenMiddleware
             );
 
             $uuid = ($matches[0] ?? '');
+            if (empty($uuid) === true) {
+                return false;
+            }
             $strToken = str_replace($uuid.'-', '', $authorization);
             $validTokenUiniqueServerIdentifier = $this->validateServerIdentifierTokenService->__invoke($strToken);
             if ($validTokenUiniqueServerIdentifier === false) {
@@ -55,7 +58,7 @@ final class UserTokenMiddleware
             $token = null;
         }
 
-        if ($token !== null) {
+        if ($token !== null && $validToken) {
             if (session_status() === PHP_SESSION_NONE) {
                 session_start();
             }