fix(api): prevent checking first admin account for plex server access

4 years ago · 22006e9dbd
parent e7ee85c29b
commit 22006e9dbd
3 changed files with 38 additions and 40 deletions
--- a/server/lib/notifications/agents/discord.ts
+++ b/server/lib/notifications/agents/discord.ts
@ -143,8 +143,6 @@ class DiscordAgent
          }
        );
        break;
-      default:
-        color = EmbedColors.DARK_PURPLE;
    }

    return {
--- a/server/routes/auth.ts
+++ b/server/routes/auth.ts
@ -71,6 +71,8 @@ authRoutes.post('/login', async (req, res, next) => {
        await userRepository.save(user);
      }

+      // Double check that we didn't create the first admin user before running this
+      if (!user) {
        // If we get to this point, the user does not already exist so we need to create the
        // user _assuming_ they have access to the plex server
        const mainUser = await userRepository.findOneOrFail({
@ -78,6 +80,7 @@ authRoutes.post('/login', async (req, res, next) => {
          order: { id: 'ASC' },
        });
        const mainPlexTv = new PlexTvAPI(mainUser.plexToken ?? '');
+
        if (await mainPlexTv.checkUserAccess(account)) {
          user = new User({
            email: account.email,
@ -106,9 +109,10 @@ authRoutes.post('/login', async (req, res, next) => {
          });
        }
      }
+    }

    // Set logged in session
-    if (req.session && user) {
+    if (req.session) {
      req.session.userId = user.id;
    }

--- a/src/components/Settings/SettingsAbout/index.tsx
+++ b/src/components/Settings/SettingsAbout/index.tsx
@ -26,16 +26,12 @@ const SettingsAbout: React.FC = () => {
    '/api/v1/settings/about'
  );

-  if (error) {
-    return <Error statusCode={500} />;
-  }
-
  if (!data && !error) {
    return <LoadingSpinner />;
  }

  if (!data) {
-    return <LoadingSpinner />;
+    return <Error statusCode={500} />;
  }

  return (