diff --git a/src/middleware/user.js b/src/middleware/user.js
index 10983cb4f6..3cc69a750d 100644
--- a/src/middleware/user.js
+++ b/src/middleware/user.js
@@ -25,7 +25,17 @@ module.exports = function (middleware) {
 				req: req,
 				res: res,
 				next: function (err) {
-					auth.setAuthVars(req, res, function () { next(err); });
+					if (err) {
+						return next(err);
+					}
+
+					auth.setAuthVars(req, res, function () {
+						if (req.loggedIn && req.user && req.user.uid) {
+							return next();
+						}
+
+						controllers.helpers.notAllowed(req, res);
+					});
 				},
 			});
 		}