aljaz/btcpayserver
1
0
Fork 0
mirror of https://github.com/aljazceru/btcpayserver.git synced 2025-12-17 22:14:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

Fix: Denied 403 page if denied access to default store (#6976)

Browse Source 
If a user go to store A, then lose access to store A, any attempt to
browse the home page will return a 403 error.

The user would then get stuck, unable to select a new store until he
clears the cache.
This commit is contained in:
Nicolas Dorier
2025-11-05 09:26:36 +09:00
committed by GitHub
parent d53b36c2a3
commit 5a5b0c21a4
1 changed files with 3 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
BTCPayServer/Controllers/UIHomeController.cs
View File

@@ -70,14 +70,15 @@ namespace BTCPayServer.Controllers
{ {
var userId = SignInManager.UserManager.GetUserId(HttpContext.User); var userId = SignInManager.UserManager.GetUserId(HttpContext.User);
var storeId = HttpContext.GetUserPrefsCookie()?.CurrentStoreId; var storeId = HttpContext.GetUserPrefsCookie()?.CurrentStoreId;
if (storeId != null) if (storeId != null && userId != null)
{ {
// verify store exists and redirect to it // verify store exists and redirect to it
var store = await _storeRepository.FindStore(storeId); var store = await _storeRepository.FindStore(storeId, userId);
if (store != null) if (store != null)
{ {
return RedirectToAction(nameof(UIStoresController.Index), "UIStores", new { storeId }); return RedirectToAction(nameof(UIStoresController.Index), "UIStores", new { storeId });
} }
HttpContext.DeleteUserPrefsCookie();
} }
var stores = await _storeRepository.GetStoresByUserId(userId!); var stores = await _storeRepository.GetStoresByUserId(userId!);