From d5fec4963ee69460a84025c456eb7d928634e765 Mon Sep 17 00:00:00 2001
From: Shadowghost <Shadowghost@users.noreply.github.com>
Date: Wed, 10 May 2023 22:05:27 +0200
Subject: Fix FirstTimeSetupHandler not failing on invalid user if not in setup
 mode (#9747)

---
 .../Auth/FirstTimeSetupPolicy/FirstTimeSetupHandler.cs       | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

(limited to 'Jellyfin.Api/Auth')

diff --git a/Jellyfin.Api/Auth/FirstTimeSetupPolicy/FirstTimeSetupHandler.cs b/Jellyfin.Api/Auth/FirstTimeSetupPolicy/FirstTimeSetupHandler.cs
index 28ba25850..688a13bc0 100644
--- a/Jellyfin.Api/Auth/FirstTimeSetupPolicy/FirstTimeSetupHandler.cs
+++ b/Jellyfin.Api/Auth/FirstTimeSetupPolicy/FirstTimeSetupHandler.cs
@@ -38,7 +38,15 @@ namespace Jellyfin.Api.Auth.FirstTimeSetupPolicy
                 return Task.CompletedTask;
             }
 
-            if (requirement.RequireAdmin && !context.User.IsInRole(UserRoles.Administrator))
+            var contextUser = context.User;
+            if (requirement.RequireAdmin && !contextUser.IsInRole(UserRoles.Administrator))
+            {
+                context.Fail();
+                return Task.CompletedTask;
+            }
+
+            var userId = contextUser.GetUserId();
+            if (userId.Equals(default))
             {
                 context.Fail();
                 return Task.CompletedTask;
@@ -50,7 +58,7 @@ namespace Jellyfin.Api.Auth.FirstTimeSetupPolicy
                 return Task.CompletedTask;
             }
 
-            var user = _userManager.GetUserById(context.User.GetUserId());
+            var user = _userManager.GetUserById(userId);
             if (user is null)
             {
                 throw new ResourceNotFoundException();
-- 
cgit v1.2.3