From 47adb88cb57ecd16310a3395b56add97afd1c73e Mon Sep 17 00:00:00 2001
From: Jochen Schalanda <jochen@schalanda.name>
Date: Tue, 25 Jan 2022 15:11:21 +0100
Subject: [PATCH] Fix race condition if user ID is in session but not in user
 store (#43)

---
 lib/api/routes/loginRoute.js | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/lib/api/routes/loginRoute.js b/lib/api/routes/loginRoute.js
index 3ce7377..ff7e0b7 100644
--- a/lib/api/routes/loginRoute.js
+++ b/lib/api/routes/loginRoute.js
@@ -5,13 +5,13 @@ const hasher = require('../../services/security/hash');
 
 loginRouter.get('/user', async (req, res) => {
   const currentUserId = req.session.currentUser;
-  const isAdmin = currentUserId == null ? false : userStorage.getUser(currentUserId).isAdmin;
-  if (currentUserId == null) {
+  const currentUser = currentUserId == null ? null : userStorage.getUser(currentUserId);
+  if (currentUser == null) {
     res.body = {};
   } else {
     res.body = {
-      userId: currentUserId,
-      isAdmin,
+      userId: currentUser.id,
+      isAdmin: currentUser.isAdmin,
     };
   }
   res.send();