WildDragonLLC/dragonflight
1
0
Fork 0
Code Issues 32 Pull requests 7 Projects Releases Packages Wiki Activity Actions

fix: /me returns guest user when AUTH_ENABLED is false so auth-guard never fires on dev

Browse source
This commit is contained in:
Zac Gaetano 2026-05-18 13:21:37 -04:00
parent 4f649b41a9
commit cb63e4743d
1 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
services/mam-api/src/routes/auth.js
View file

@ -74,6 +74,12 @@ router.post('/logout', (req, res, next) => {
// GET /me // GET /me
// --------------------------------------------------------------------------- // ---------------------------------------------------------------------------
router.get('/me', async (req, res) => { router.get('/me', async (req, res) => {
// When auth is disabled return a synthetic guest/admin user so the frontend
// auth-guard never receives a 401 and never redirects to login.html.
if (process.env.AUTH_ENABLED !== 'true') {
return res.json({ id: null, username: 'admin', display_name: 'Admin', role: 'admin' });
}
if (!req.session || !req.session.userId) { if (!req.session || !req.session.userId) {
return res.status(401).json({ error: 'Not authenticated' }); return res.status(401).json({ error: 'Not authenticated' });
} }