TopherMayor/comparaison
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare API crashes: user_id='system' violates FK constraint #10

New Issue
Closed
opened 2026-04-27 17:28:12 +00:00 by TopherMayor · 0 comments
TopherMayor commented 2026-04-27 17:28:12 +00:00
Owner
Copy Link

Description

POST /api/compare crashes with a 500 error because it uses user_id = "system" which doesn't exist in the users table.

Root Cause

The compare endpoint hardcodes user_id as "system" when no authenticated session is found, but the comparisons table has a foreign key constraint.

insert or update on table "comparisons" violates foreign key constraint "comparisons_user_id_users_id_fk"
Key (user_id)=(system) is not present in table "users".

Impact

  • Core feature (comparisons) is completely broken
  • Returns 500 instead of proper auth error
  • Even after sign-up is fixed, anonymous compare attempts will still crash

Fix

  1. Add auth gate to /api/compare -- return 401 if no session
  2. Remove the hardcoded "system" user_id fallback
  3. Optionally: create a system user if anonymous comparisons should be supported

Severity: Critical - core app functionality broken.

## Description `POST /api/compare` crashes with a 500 error because it uses `user_id = "system"` which doesn't exist in the users table. ## Root Cause The compare endpoint hardcodes `user_id` as `"system"` when no authenticated session is found, but the `comparisons` table has a foreign key constraint. ```sql insert or update on table "comparisons" violates foreign key constraint "comparisons_user_id_users_id_fk" Key (user_id)=(system) is not present in table "users". ``` ## Impact - Core feature (comparisons) is completely broken - Returns 500 instead of proper auth error - Even after sign-up is fixed, anonymous compare attempts will still crash ## Fix 1. Add auth gate to `/api/compare` -- return 401 if no session 2. Remove the hardcoded `"system"` user_id fallback 3. Optionally: create a system user if anonymous comparisons should be supported ## Severity: Critical - core app functionality broken.
TopherMayor added the bug label 2026-04-27 17:28:12 +00:00
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
backend
Server-side, API, database
 bug
Bugs and logic errors
 documentation
Docs, comments
 feature
New feature or enhancement
 frontend
UI/UX frontend work
 improvement
Code quality, refactoring
 testing
Test gaps, new tests
No Label bug
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
TopherMayor
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: TopherMayor/comparaison#10
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?