@pixelbyte-software/pixcode 1.55.2 → 1.55.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@pixelbyte-software/pixcode",
3
- "version": "1.55.2",
3
+ "version": "1.55.3",
4
4
  "description": "Self-hosted AI coding agent control room for Claude Code, Cursor CLI, OpenAI Codex, Gemini CLI, Qwen Code, and OpenCode with chat, files, shell, Git, orchestration, API keys, Telegram, MCP, plugins, themes, and desktop/server deployment.",
5
5
  "type": "module",
6
6
  "main": "dist-server/server/index.js",
@@ -36,7 +36,7 @@ function publicUser(user) {
36
36
  // Check auth status and setup requirements
37
37
  router.get('/status', async (req, res) => {
38
38
  try {
39
- const hasUsers = await userDb.hasUsers();
39
+ const hasUsers = userDb.hasUsers();
40
40
  res.json({
41
41
  needsSetup: !hasUsers,
42
42
  isAuthenticated: false // Will be overridden by frontend if token exists
@@ -62,16 +62,23 @@ router.put('/connection-mode', async (req, res) => {
62
62
  try {
63
63
  // During first-run setup no users exist yet, so we skip auth.
64
64
  // The setup form calls this endpoint before creating the admin account.
65
- const hasUsers = await userDb.hasUsers();
65
+ const hasUsers = userDb.hasUsers();
66
66
  if (!hasUsers) {
67
67
  return res.json({ success: true, connection: saveRemoteConnectionConfig(req.body || {}) });
68
68
  }
69
69
  // Post-setup: require authenticated admin
70
- authenticateToken(req, res, () => {
71
- requireAdmin(req, res, () => {
72
- res.json({ success: true, connection: saveRemoteConnectionConfig(req.body || {}) });
70
+ // Wrap authenticateToken in a try/catch so that if it sends a response
71
+ // (e.g. 401 when no token is present) we don't double-send.
72
+ try {
73
+ authenticateToken(req, res, () => {
74
+ requireAdmin(req, res, () => {
75
+ res.json({ success: true, connection: saveRemoteConnectionConfig(req.body || {}) });
76
+ });
73
77
  });
74
- });
78
+ } catch (err) {
79
+ // If authenticateToken throws instead of calling next/send, return 401
80
+ res.status(401).json({ error: err.message || 'Authentication required' });
81
+ }
75
82
  } catch (error) {
76
83
  res.status(400).json({ success: false, error: error.message });
77
84
  }