Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit b7efa6f

Browse filesBrowse files
KernelDeimosKernelDeimos
committed
fix: handle problematic null or undefined case
This is the product of a couple hours of debugging. We can now remove the uuid entry from the cache for a deleted user without the strange lockup behavior that was being observed previously. However, it is still explained exactly how this happened; while this commit addresses the cause it does not represent an actual understanding of the issue. What is known is the following: - /delete-own-user can trigger a complete lockup - this happens when invalidate_cached_user is called - kv.del('users:uuid:<uuid of user>') triggers the issue - ... because get_user returns null and - configurable_auth middleware accepts the null value - configurable_auth middleware DOES call next() - it is unknown why a lockup occurs after this
1 parent 210ecab commit b7efa6f
Copy full SHA for b7efa6f

File tree

Expand file treeCollapse file tree

3 files changed

+10
-1
lines changed
Filter options
Expand file treeCollapse file tree

3 files changed

+10
-1
lines changed

‎src/backend/src/api/APIError.js

Copy file name to clipboardExpand all lines: src/backend/src/api/APIError.js
+4Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -356,6 +356,10 @@ module.exports = class APIError {
356356
status: 401,
357357
message: 'Authentication failed.',
358358
},
359+
'user_not_found': {
360+
status: 401,
361+
message: 'User not found.',
362+
},
359363
'token_unsupported': {
360364
status: 401,
361365
message: 'This authentication token is not supported here.',

‎src/backend/src/helpers.js

Copy file name to clipboardExpand all lines: src/backend/src/helpers.js
+1-1Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -199,7 +199,7 @@ async function get_user(options) {
199199
*/
200200
function invalidate_cached_user (user) {
201201
kv.del('users:username:' + user.username);
202-
// kv.del('users:uuid:' + user.uuid);
202+
kv.del('users:uuid:' + user.uuid);
203203
kv.del('users:email:' + user.email);
204204
kv.del('users:id:' + user.id);
205205
}

‎src/backend/src/services/auth/AuthService.js

Copy file name to clipboardExpand all lines: src/backend/src/services/auth/AuthService.js
+5Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -24,6 +24,7 @@ const { Context } = require("../../util/context");
2424
const APIError = require("../../api/APIError");
2525
const { DB_WRITE } = require("../database/consts");
2626
const { UUIDFPE } = require("../../util/uuidfpe");
27+
const { nou } = require("../../util/langutil");
2728

2829
// This constant defines the namespace used for generating app UUIDs from their origins
2930
const APP_ORIGIN_UUID_NAMESPACE = '33de3768-8ee0-43e9-9e73-db192b97a5d8';
@@ -106,6 +107,10 @@ class AuthService extends BaseService {
106107

107108
const user = await get_user({ uuid: decoded.user_uid });
108109

110+
if ( nou(user) ) {
111+
throw APIError.create('user_not_found');
112+
}
113+
109114
const actor_type = new UserActorType({
110115
user,
111116
session: session.uuid,

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.