From 28d023873250dc3f7349b8c9e3b3c7401e1091be Mon Sep 17 00:00:00 2001 From: Christopher Kolstad Date: Tue, 19 Oct 2021 14:24:23 +0200 Subject: [PATCH] add try-catch to demo auth middleware (#1044) - Since we validate email used in auth the route function needs to handle the possibility that userService.loginUserWithoutPassword can throw. --- src/lib/middleware/demo-authentication.ts | 27 +++++++++++++++-------- 1 file changed, 18 insertions(+), 9 deletions(-) diff --git a/src/lib/middleware/demo-authentication.ts b/src/lib/middleware/demo-authentication.ts index ff8e8db30f..2b1a8c964f 100644 --- a/src/lib/middleware/demo-authentication.ts +++ b/src/lib/middleware/demo-authentication.ts @@ -9,16 +9,25 @@ function demoAuthentication( ): void { app.post(`${basePath}/api/admin/login`, async (req, res) => { const { email } = req.body; - const user = await userService.loginUserWithoutPassword(email, true); - const session = req.session || {}; - // @ts-ignore - session.user = user; - // @ts-ignore - req.session = session; - res.status(200) + try { + const user = await userService.loginUserWithoutPassword( + email, + true, + ); + const session = req.session || {}; // @ts-ignore - .json(req.session.user) - .end(); + session.user = user; + // @ts-ignore + req.session = session; + res.status(200) + // @ts-ignore + .json(req.session.user) + .end(); + } catch (e) { + res.status(400) + .json({ error: `Could not sign in with ${email}` }) + .end(); + } }); app.use(`${basePath}/api/admin/`, (req, res, next) => {