fix(users): prevent crash on non-existent users for the auth middleware

Prevent crashing when checking the property lastPasswordChangedAt for null users
internxt · Apr 26, 2024 · e080a37 · e080a37
1 parent c413050
commit e080a37
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/src/config/initializers/middleware.js b/src/config/initializers/middleware.js
@@ -166,6 +166,10 @@ module.exports = (App, Config) => {
 
       App.services.User.FindUserObjByEmail(email)
         .then((user) => {
+          if (!user) {
+            return done(new Error("User not found"));
+          }
+
           const userWithoutLastPasswordChangedAt = user.lastPasswordChangedAt === null;
           const userWithLastPasswordChangedAtLowerThanToken =
             user.lastPasswordChangedAt &&