🐛 return to login if user was not found (probably deleted in db or token manipulated)🚸

2025-11-13 00:03:33 +10:00 · 2023-03-09 11:24:32 +01:00
parent 02372eb6bc
commit 30e186d82a
5 changed files with 25 additions and 8 deletions
--- a/packages/lib/server/getUserFromToken.ts
+++ b/packages/lib/server/getUserFromToken.ts
@ -2,6 +2,7 @@ import prisma from "@documenso/prisma";
 import { User as PrismaUser } from "@prisma/client";
 import { NextApiRequest, NextApiResponse } from "next";
 import { getToken } from "next-auth/jwt";
+import { signOut } from "next-auth/react";

 export async function getUserFromToken(
  req: NextApiRequest,
@ -20,11 +21,9 @@ export async function getUserFromToken(
    return null;
  }

-  let user = await prisma.user.findFirstOrThrow({
+  const user = await prisma.user.findFirst({
    where: { email: tokenEmail },
  });

-  if (user) return user;
-  if (!user) res.status(401).send("No user found for token.");
-  return null;
+  return user;
 }