From bc4ad492852fad8cb832a0c03485cccdd7f7b117 Mon Sep 17 00:00:00 2001
From: C4illin <emrik.ostling@gmail.com>
Date: Fri, 23 Aug 2024 15:18:43 +0200
Subject: [PATCH] fix: keep unauthenticated user logged in if allowed #114

---
 src/index.tsx | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/src/index.tsx b/src/index.tsx
index 864adae..ad11869 100644
--- a/src/index.tsx
+++ b/src/index.tsx
@@ -415,21 +415,23 @@ const app = new Elysia({
       user = await jwt.verify(auth.value);
 
       if (user !== false && user.id) {
-        // make sure user exists in db
-        const existingUser = db
-          .query("SELECT * FROM users WHERE id = ?")
-          .as(User)
-          .get(user.id);
+        if (Number.parseInt(user.id) < 2 ** 24 || !ALLOW_UNAUTHENTICATED) {
+          // make sure user exists in db
+          const existingUser = db
+            .query("SELECT * FROM users WHERE id = ?")
+            .as(User)
+            .get(user.id);
 
-        if (!existingUser) {
-          if (auth?.value) {
-            auth.remove();
+          if (!existingUser) {
+            if (auth?.value) {
+              auth.remove();
+            }
+            return redirect("/login", 302);
           }
-          return redirect("/login", 302);
         }
       }
     } else if (ALLOW_UNAUTHENTICATED) {
-      const newUserId = String(randomInt(2 ^ 24, Number.MAX_SAFE_INTEGER));
+      const newUserId = String(randomInt(2 ** 24, Number.MAX_SAFE_INTEGER));
       const accessToken = await jwt.sign({
         id: newUserId,
       });