Fix/Understand Authorization Problems #945
Description
When locally running hackerAPI + dashboard, almost every action you make returns GET http://localhost:3000/api/... 401 (Unauthorized)
The error is being thrown due to async function ensureAuthorized(req, findByIdFns) returning a false value at the end of the function:
async function ensureAuthorized(req, findByIdFns) {
...
if (currentlyValid) {
return currentlyValid;
}
}
return false; <---- this is where the function returns
}
UPDATE: It is very possible the issue originates from the way the user was created. I manually changed the verification status in the database since the emails weren't sending. This manual change could mess with permissions/roles/authorization
I believe the emails aren't sending due to a sendgrid problem:
2025-10-03T23:13:07.562Z - info: GET /api/account/self 401 7ms
[accountRouter] Error encountered {
message: 'Unauthorized',
stack: 'Error: Unauthorized\n' +
' at node_modules/@sendgrid/client/src/classes/client.js:167:29\n' +
' at process.processTicksAndRejections (node:internal/process/task_queues:95:5)',
method: 'POST',
url: '/api/account',
params: {},
query: {},
body: {
accountDetails: {
_id: new ObjectId('68e058a424635ef89ea3971b'),
firstName: 'test',
lastName: 'user',
pronoun: 'She/Her',
gender: 'Male',
email: 'test@user.com',
password: '$2b$10$Rb.m.NYpkbRo3uficwj5XOtMWFQoSqVkA4vBOqaF4hoLAqBbHsu2C',
dietaryRestrictions: [Array],
age: '44',
phoneNumber: '+14442123212'
},
account: {
firstName: 'test',
lastName: 'user',
pronoun: 'She/Her',
gender: 'Male',
email: 'test@user.com',
password: '$2b$10$Rb.m.NYpkbRo3uficwj5XOtMWFQoSqVkA4vBOqaF4hoLAqBbHsu2C',
dietaryRestrictions: [Array],
confirmed: false,
accountType: 'Hacker',
age: 44,
phoneNumber: 14442123212,
_id: new ObjectId('68e058a424635ef89ea3971b'),
__v: 0
}
}
}