From 599a614b4ccfbaaebe8eaa705288734d3fe03059 Mon Sep 17 00:00:00 2001
From: Amir <amir.saboury@gmail.com>
Date: Mon, 18 Nov 2013 18:06:52 +0330
Subject: [PATCH] fixed a security issue

---
 lib/index.js | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/lib/index.js b/lib/index.js
index 3813b1d..a6fe799 100644
--- a/lib/index.js
+++ b/lib/index.js
@@ -57,6 +57,10 @@ function authorize(options) {
         return auth.fail(data, 'User not authorized through passport. (User Property not found)', false, accept);
 
       auth.passport.deserializeUser(userKey, function(err, user) {
+        if (err)
+          return auth.fail(data, err, true, accept);
+        if (!user)
+          return auth.fail(data, "User not found", false, accept);
         data[auth.userProperty] = user;
         data[auth.userProperty].logged_in = true;
         auth.success(data, accept);