From 1be460aec3d2330be404ffa5ace43e2b6d943107 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?dni=20=E2=9A=A1?= <office@dnilabs.com>
Date: Fri, 23 Dec 2022 11:53:45 +0100
Subject: [PATCH] fix user not exist bug in frontend

---
 lnbits/core/views/generic.py |  5 ++++-
 lnbits/decorators.py         | 18 +++++++++---------
 2 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/lnbits/core/views/generic.py b/lnbits/core/views/generic.py
index 9df133b2a..ed7b156d6 100644
--- a/lnbits/core/views/generic.py
+++ b/lnbits/core/views/generic.py
@@ -38,7 +38,7 @@ async def favicon():
 
 
 @core_html_routes.get("/", response_class=HTMLResponse)
-async def home(request: Request, lightning: str = None):
+async def home(request: Request, lightning: str = ""):
     return template_renderer().TemplateResponse(
         "core/index.html", {"request": request, "lnurl": lightning}
     )
@@ -124,12 +124,15 @@ async def wallet(
         if (
             len(settings.lnbits_allowed_users) > 0
             and user_id not in settings.lnbits_allowed_users
+            and user_id not in settings.lnbits_admin_users
+            and user_id != settings.super_user
         ):
             return template_renderer().TemplateResponse(
                 "error.html", {"request": request, "err": "User not authorized."}
             )
         if user_id == settings.super_user or user_id in settings.lnbits_admin_users:
             user.admin = True
+
     if not wallet_id:
         if user.wallets and not wallet_name:  # type: ignore
             wallet = user.wallets[0]  # type: ignore
diff --git a/lnbits/decorators.py b/lnbits/decorators.py
index 74559db63..9aeace400 100644
--- a/lnbits/decorators.py
+++ b/lnbits/decorators.py
@@ -233,15 +233,15 @@ async def check_user_exists(usr: UUID4) -> User:
             status_code=HTTPStatus.NOT_FOUND, detail="User does not exist."
         )
 
-    if len(settings.lnbits_allowed_users) > 0:
-        if (
-            g().user.id not in settings.lnbits_allowed_users
-            or g().user.id != settings.super_user
-            or g().user.id not in settings.lnbits_admin_users
-        ):
-            raise HTTPException(
-                status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized."
-            )
+    if (
+        len(settings.lnbits_allowed_users) > 0
+        and g().user.id not in settings.lnbits_allowed_users
+        and g().user.id not in settings.lnbits_admin_users
+        and g().user.id != settings.super_user
+    ):
+        raise HTTPException(
+            status_code=HTTPStatus.UNAUTHORIZED, detail="User not authorized."
+        )
 
     return g().user