There is a bug in the code related to the getUsersRoleAndPermission function in src/controllers/auth/token.js. The function accepts two parameters, userId and res. The bug causes the login API to crash because there are multiple responses being returned, one from the main controller and another from the getUsersRoleAndPermission function.
The error occurs primarily because in Express.js, it is not possible to return a response with two different res objects simultaneously. This causes conflicts and results in the observed error.
Steps to Reproduce
To reproduce the behavior, follow these steps:
Get your users from the /api/table/_users/rows API.
Select one user and remove its role from the _users_roles table by using a GUI DB browser tool.
Attempt to log in with the user whose role you deleted.
Bug Description
There is a bug in the code related to the
getUsersRoleAndPermission
function insrc/controllers/auth/token.js
. The function accepts two parameters,userId
andres
. The bug causes the login API to crash because there are multiple responses being returned, one from the main controller and another from thegetUsersRoleAndPermission
function.The error occurs primarily because in Express.js, it is not possible to return a response with two different
res
objects simultaneously. This causes conflicts and results in the observed error.Steps to Reproduce
To reproduce the behavior, follow these steps:
Get your users from the
/api/table/_users/rows
API.Select one user and remove its role from the
_users_roles
table by using a GUI DB browser tool.Error Screenshots