There is a bug in the code related to the getUsersRoleAndPermission function in src/controllers/auth/token.js. The function accepts two parameters, userId and res. The bug causes the login API to crash because there are multiple responses being returned, one from the main controller and another from the getUsersRoleAndPermission function.
The error occurs primarily because in Express.js, it is not possible to return a response with two different res objects simultaneously. This causes conflicts and results in the observed error.
Steps to Reproduce
To reproduce the behavior, follow these steps:
Get your users from the /api/table/_users/rows API.
Select one user and remove its role from the _users_roles table by using a GUI DB browser tool.
Attempt to log in with the user whose role you deleted.
Bug Description
There is a bug in the code related to the
getUsersRoleAndPermissionfunction insrc/controllers/auth/token.js. The function accepts two parameters,userIdandres. The bug causes the login API to crash because there are multiple responses being returned, one from the main controller and another from thegetUsersRoleAndPermissionfunction.The error occurs primarily because in Express.js, it is not possible to return a response with two different
resobjects simultaneously. This causes conflicts and results in the observed error.Steps to Reproduce
To reproduce the behavior, follow these steps:
Get your users from the
/api/table/_users/rowsAPI.Select one user and remove its role from the
_users_rolestable by using a GUI DB browser tool.Error Screenshots