Fix request handling when the cookie header is not there

crates/core/src/filters/cookies.rs

@@ -26,7 +26,7 @@ use headers::{Header, HeaderValue, SetCookie};
 use serde::{de::DeserializeOwned, Deserialize, Serialize};
 use thiserror::Error;
 use warp::{
-    reject::{MissingCookie, Reject},
+    reject::{InvalidHeader, MissingCookie, Reject},
     Filter, Rejection, Reply,
 };
 
@@ -120,6 +120,8 @@ where
 {
     encrypted(options)
         .map(Some)
+        .recover(none_on_error::<T, InvalidHeader>)
+        .unify()
         .recover(none_on_error::<T, MissingCookie>)
         .unify()
         .recover(none_on_error::<T, CookieDecryptionError<T>>)

crates/core/src/filters/session.rs

@@ -19,7 +19,7 @@ use sqlx::{pool::PoolConnection, Executor, PgPool, Postgres};
 use thiserror::Error;
 use tracing::warn;
 use warp::{
-    reject::{MissingCookie, Reject},
+    reject::{InvalidHeader, MissingCookie, Reject},
     Filter, Rejection,
 };
 
@@ -134,6 +134,12 @@ async fn recover<T>(rejection: Rejection) -> Result<T, Rejection> {
         // propagated
     }
 
+    if let Some(e) = rejection.find::<InvalidHeader>() {
+        if e.name() == "cookie" {
+            return Err(warp::reject::custom(SessionLoadError::MissingCookie));
+        }
+    }
+
     if let Some(_e) = rejection.find::<MissingCookie>() {
         return Err(warp::reject::custom(SessionLoadError::MissingCookie));
     }