From 34f2669ab91c0c96fb27feb692e5db9279eba939 Mon Sep 17 00:00:00 2001
From: Arthur Lu <root@tronnet.net>
Date: Fri, 28 Jun 2024 07:14:41 +0000
Subject: [PATCH] add valid user cookie check to checkAuth, add admin flag in
 user data

---
 src/utils.js          | 11 ++++++++++-
 template.localdb.json |  1 +
 2 files changed, 11 insertions(+), 1 deletion(-)

diff --git a/src/utils.js b/src/utils.js
index 7dd85be..cfd3745 100644
--- a/src/utils.js
+++ b/src/utils.js
@@ -16,9 +16,13 @@ export async function checkAuth (cookies, res, vmpath = null) {
 	let auth = false;
 
 	const userObj = getUserObjFromUsername(cookies.username);
+	if (!userObj) {
+		res.status(401).send({ auth, path: vmpath ? `${vmpath}/config` : "/version", error: "Username was missing or invalid." });
+		res.end()
+		return false;
+	}
 
 	if ((await global.userManager.getUser(userObj)) === null) {
-		auth = false;
 		res.status(401).send({ auth, path: vmpath ? `${vmpath}/config` : "/version", error: `User ${cookies.username} not found in localdb.` });
 		res.end();
 		return false;
@@ -363,8 +367,13 @@ export function readJSONFile (path) {
 };
 
 export function getUserObjFromUsername (username) {
+	if (username) {
 	const userRealm = username.split("@").at(-1);
 	const userID = username.replace(`@${userRealm}`, "");
 	const userObj = { id: userID, realm: userRealm };
 	return userObj;
+	}
+	else {
+		return null
+	}
 }
diff --git a/template.localdb.json b/template.localdb.json
index 91e4638..aeb8650 100644
--- a/template.localdb.json
+++ b/template.localdb.json
@@ -72,6 +72,7 @@
 				}
 			},
 			"cluster": {
+				"admin": false,
 				"nodes": {
 					"example-node-0": true,
 					"example-node-1": true,