admin/dragonsstash
1
0
Fork 0
mirror of https://github.com/xCyanGrizzly/DragonsStash.git synced 2026-05-10 22:01:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

Wrap first-user admin check in transaction to prevent race condition

Browse Source 
Co-authored-by: xCyanGrizzly <53275238+xCyanGrizzly@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2026-03-04 18:55:41 +00:00
parent 3704708970
commit 5d88f9beb3
1 changed files with 17 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/app/(auth)/register/actions.ts
View File

@@ -22,10 +22,11 @@ export async function registerUser(input: unknown): Promise<ActionResult<{ id: s
const hashedPassword = await bcrypt.hash(parsed.data.password, 10);
// First user to register becomes ADMIN (self-hosted owner)
const userCount = await prisma.user.count();
const user = await prisma.$transaction(async (tx) => {
const userCount = await tx.user.count();
const role = userCount === 0 ? "ADMIN" : "USER";
const user = await prisma.user.create({
return tx.user.create({
data: {
name: parsed.data.name,
email: parsed.data.email,
@@ -41,6 +42,7 @@ export async function registerUser(input: unknown): Promise<ActionResult<{ id: s
},
},
});
});
return { success: true, data: { id: user.id } };
}