fix(api): prevent checking first admin account for plex server access

pull/226/head
sct 4 years ago
parent e7ee85c29b
commit 22006e9dbd

@ -143,8 +143,6 @@ class DiscordAgent
} }
); );
break; break;
default:
color = EmbedColors.DARK_PURPLE;
} }
return { return {

@ -71,44 +71,48 @@ authRoutes.post('/login', async (req, res, next) => {
await userRepository.save(user); await userRepository.save(user);
} }
// If we get to this point, the user does not already exist so we need to create the // Double check that we didn't create the first admin user before running this
// user _assuming_ they have access to the plex server if (!user) {
const mainUser = await userRepository.findOneOrFail({ // If we get to this point, the user does not already exist so we need to create the
select: ['id', 'plexToken'], // user _assuming_ they have access to the plex server
order: { id: 'ASC' }, const mainUser = await userRepository.findOneOrFail({
}); select: ['id', 'plexToken'],
const mainPlexTv = new PlexTvAPI(mainUser.plexToken ?? ''); order: { id: 'ASC' },
if (await mainPlexTv.checkUserAccess(account)) {
user = new User({
email: account.email,
username: account.username,
plexId: account.id,
plexToken: account.authToken,
permissions: settings.main.defaultPermissions,
avatar: account.thumb,
});
await userRepository.save(user);
} else {
logger.info(
'Failed login attempt from user without access to plex server',
{
label: 'Auth',
account: {
...account,
authentication_token: '__REDACTED__',
authToken: '__REDACTED__',
},
}
);
return next({
status: 403,
message: 'You do not have access to this Plex server',
}); });
const mainPlexTv = new PlexTvAPI(mainUser.plexToken ?? '');
if (await mainPlexTv.checkUserAccess(account)) {
user = new User({
email: account.email,
username: account.username,
plexId: account.id,
plexToken: account.authToken,
permissions: settings.main.defaultPermissions,
avatar: account.thumb,
});
await userRepository.save(user);
} else {
logger.info(
'Failed login attempt from user without access to plex server',
{
label: 'Auth',
account: {
...account,
authentication_token: '__REDACTED__',
authToken: '__REDACTED__',
},
}
);
return next({
status: 403,
message: 'You do not have access to this Plex server',
});
}
} }
} }
// Set logged in session // Set logged in session
if (req.session && user) { if (req.session) {
req.session.userId = user.id; req.session.userId = user.id;
} }
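Review bot: The failed-login log entry in the `else` branch spreads the whole `account` object and masks only `authentication_token` and `authToken`, so every other field on that object, including the e-mail address, is written to the log at info level. A denylist like this also lets through any token-like field the account object carries under another name, now or later. Logging an explicit allowlist is more robust, for example `account: { id: account.id, username: account.username },`. The block is only re-indented by this commit and the `/login` handler starts and ends outside the hunk, so this assumes the logger applies no further redaction of its own.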

@ -26,16 +26,12 @@ const SettingsAbout: React.FC = () => {
'/api/v1/settings/about' '/api/v1/settings/about'
); );
if (error) {
return <Error statusCode={500} />;
}
if (!data && !error) { if (!data && !error) {
return <LoadingSpinner />; return <LoadingSpinner />;
} }
if (!data) { if (!data) {
return <LoadingSpinner />; return <Error statusCode={500} />;
} }
return ( return (
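Review bot: With the `if (error)` guard removed, a request that fails while `data` is already populated passes both remaining checks and renders the existing data with no indication that the refresh failed. If that is the intent, it deserves a comment above the guards, such as `// Keep showing the last good data when a refresh fails; only a failure with no data renders the error page.` The hard-coded `statusCode={500}` would also present an authorization failure from `/api/v1/settings/about` as a server error, if that endpoint can answer 401 or 403 (not visible here). The component body continues outside the hunk.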
