diff --git a/src/shared/roles.guard.ts b/src/shared/roles.guard.ts
index 1f05fc90d4c008277e96d543f8112b4581a91c47..e65916a94b3cc552259a63a9f5395e3118f95e1b 100644
--- a/src/shared/roles.guard.ts
+++ b/src/shared/roles.guard.ts
@@ -18,7 +18,7 @@ export class RolesGuard implements CanActivate {
     private readonly reflector: Reflector,
     @InjectRepository(Game_PersonEntity)
     private game_PersonRepository: Repository<Game_PersonEntity>,
-    ) {}
+  ) {}
 
   async canActivate(context: ExecutionContext): Promise<boolean> {
     // get roles that are allowed access, identified by @Roles('role') decorators in controllers
@@ -27,9 +27,16 @@ export class RolesGuard implements CanActivate {
       return true;
     }
     const request = context.switchToHttp().getRequest();
-    const gameId = request.params.id
+    // check for authorization header
+    if (!request.headers.authorization) {
+      return false;
+    }
+    const gameId = request.params.id;
     const user = await this.getUserObject(request.headers.authorization);
-    const role = await this.game_PersonRepository.findOne({person: user['id'], game: gameId})
+    const role = await this.game_PersonRepository.findOne({
+      person: user['id'],
+      game: gameId,
+    });
     // check that the role matches the criteria and that token is valid for this game
     return role && roles.includes(role['role']);
   }
@@ -42,7 +49,7 @@ export class RolesGuard implements CanActivate {
     // get the token
     const token = auth.split(' ')[1];
     try {
-      return await jwt.verify(token, process.env.SECRET)
+      return await jwt.verify(token, process.env.SECRET);
     } catch (err) {
       const message = `Token error: ${err.message || err.name}`;
       throw new HttpException(message, HttpStatus.FORBIDDEN);