fix: guard every error statement with early return (#2810)

hscontrol/app.go

@@ -380,7 +380,6 @@ func (h *Headscale) httpAuthenticationMiddleware(next http.Handler) http.Handler
 		writer http.ResponseWriter,
 		req *http.Request,
 	) {
-		if err := func() error {
 		log.Trace().
 			Caller().
 			Str("client_address", req.RemoteAddr).
@@ -388,14 +387,20 @@ func (h *Headscale) httpAuthenticationMiddleware(next http.Handler) http.Handler
 
 		authHeader := req.Header.Get("Authorization")
 
+		writeUnauthorized := func(statusCode int) {
+			writer.WriteHeader(statusCode)
+			if _, err := writer.Write([]byte("Unauthorized")); err != nil {
+				log.Error().Err(err).Msg("writing HTTP response failed")
+			}
+		}
+
 		if !strings.HasPrefix(authHeader, AuthPrefix) {
 			log.Error().
 				Caller().
 				Str("client_address", req.RemoteAddr).
 				Msg(`missing "Bearer " prefix in "Authorization" header`)
-				writer.WriteHeader(http.StatusUnauthorized)
+			writeUnauthorized(http.StatusUnauthorized)
-				_, err := writer.Write([]byte("Unauthorized"))
+			return
-				return err
 		}
 
 		valid, err := h.state.ValidateAPIKey(strings.TrimPrefix(authHeader, AuthPrefix))
@@ -405,28 +410,15 @@ func (h *Headscale) httpAuthenticationMiddleware(next http.Handler) http.Handler
 				Err(err).
 				Str("client_address", req.RemoteAddr).
 				Msg("failed to validate token")
-
+			writeUnauthorized(http.StatusInternalServerError)
-				writer.WriteHeader(http.StatusInternalServerError)
+			return
-				_, err := writer.Write([]byte("Unauthorized"))
-				return err
 		}
 
 		if !valid {
 			log.Info().
 				Str("client_address", req.RemoteAddr).
 				Msg("invalid token")
-
+			writeUnauthorized(http.StatusUnauthorized)
-				writer.WriteHeader(http.StatusUnauthorized)
-				_, err := writer.Write([]byte("Unauthorized"))
-				return err
-			}
-
-			return nil
-		}(); err != nil {
-			log.Error().
-				Caller().
-				Err(err).
-				Msg("Failed to write HTTP response")
 			return
 		}