1 files changed, 10 insertions, 5 deletions

diff --git a/src/server/RouteManager.ts b/src/server/RouteManager.ts
index 25259bd88..b07aef74d 100644
--- a/src/server/RouteManager.ts
+++ b/src/server/RouteManager.ts
@@ -14,7 +14,8 @@ export interface CoreArguments {
     isRelease: boolean;
 }
 
-export type SecureHandler = (core: CoreArguments & { user: DashUserModel }) => any | Promise<any>;
+export type AuthorizedCore = CoreArguments & { user: DashUserModel };
+export type SecureHandler = (core: AuthorizedCore) => any | Promise<any>;
 export type PublicHandler = (core: CoreArguments) => any | Promise<any>;
 export type ErrorHandler = (core: CoreArguments & { error: any }) => any | Promise<any>;
 
@@ -67,7 +68,7 @@ export default class RouteManager {
                 console.log('please remove all duplicate routes before continuing');
             }
             if (malformedCount) {
-                console.log(`please ensure all routes adhere to ^\/$|^\/[A-Za-z]+(\/\:[A-Za-z]+)*$`);
+                console.log(`please ensure all routes adhere to ^\/$|^\/[A-Za-z]+(\/\:[A-Za-z?_]+)*$`);
             }
             process.exit(1);
         } else {
@@ -85,7 +86,11 @@ export default class RouteManager {
         const { method, subscription, secureHandler: onValidation, publicHandler: onUnauthenticated, errorHandler: onError } = initializer;
         const isRelease = this._isRelease;
         const supervised = async (req: express.Request, res: express.Response) => {
-            const { user, originalUrl: target } = req;
+            let { user } = req;
+            const { originalUrl: target } = req;
+            if (process.env.DB === "MEM" && !user) {
+                user = { id: "guest", email: "", userDocumentId: "guestDocId" };
+            }
             const core = { req, res, isRelease };
             const tryExecute = async (toExecute: (args: any) => any | Promise<any>, args: any) => {
                 try {
@@ -127,7 +132,7 @@ export default class RouteManager {
             } else {
                 route = subscriber.build;
             }
-            if (!/^\/$|^\/[A-Za-z]+(\/\:[A-Za-z]+)*$/g.test(route)) {
+            if (!/^\/$|^\/[A-Za-z]+(\/\:[A-Za-z?_]+)*$/g.test(route)) {
                 this.failedRegistrations.push({
                     reason: RegistrationError.Malformed,
                     route
@@ -192,5 +197,5 @@ export function _permission_denied(res: express.Response, message?: string) {
     if (message) {
         res.statusMessage = message;
     }
-    res.status(STATUS.BAD_REQUEST).send("Permission Denied!");
+    res.status(STATUS.PERMISSION_DENIED).send("Permission Denied!");
 }