diff --git a/jwtauth.go b/jwtauth.go
index 32c82a6..f3c2721 100644
--- a/jwtauth.go
+++ b/jwtauth.go
@@ -19,6 +19,7 @@ var (
 var (
 	ErrUnauthorized = errors.New("jwtauth: token is unauthorized")
 	ErrExpired      = errors.New("jwtauth: token is expired")
+	ErrNoTokenFound = errors.New("jwtauth: no token found")
 )
 
 type JWTAuth struct {
@@ -97,6 +98,9 @@ func VerifyRequest(ja *JWTAuth, r *http.Request, findTokenFns ...func(r *http.Re
 			break
 		}
 	}
+	if tokenStr == "" {
+		return nil, ErrNoTokenFound
+	}
 
 	// TODO: what other kinds of validations should we do / error messages?