From 7e222187e4e9f637f31e03a4cc144023bfe261a2 Mon Sep 17 00:00:00 2001
From: Gabriel Luiz Freitas Almeida
Date: Mon, 8 Jul 2024 13:37:03 -0300
Subject: [PATCH] fix: remove redundant superuser only if it has never logged in (#2582)
fix: Remove redundant superuser only if it has never logged in
The code changes in `utils.py` check if the superuser exists and if it has never logged in. If both conditions are true, the superuser is deleted from the database. This improves the efficiency and security of the application.
---
 src/backend/base/langflow/services/utils.py | 7 ++++---
 src/frontend/src/controllers/API/api.tsx | 8 --------
 src/frontend/src/stores/foldersStore.tsx | 2 +-
 3 files changed, 5 insertions(+), 12 deletions(-)
diff --git a/src/backend/base/langflow/services/utils.py b/src/backend/base/langflow/services/utils.py
index 3d2be2f6d..06c45bd8d 100644
--- a/src/backend/base/langflow/services/utils.py
+++ b/src/backend/base/langflow/services/utils.py
@@ -97,12 +97,13 @@ def teardown_superuser(settings_service, session):
 from langflow.services.database.models.user.model import User
 user = session.exec(select(User).where(User.username == username)).first()
- if user and user.is_superuser is True:
+ # Check if super was ever logged in, if not delete it
+ # if it has logged in, it means the user is using it to login
+ if user and user.is_superuser is True and not user.last_login_at:
 session.delete(user)
 session.commit()
 logger.debug("Default superuser removed successfully.")
- else:
- logger.debug("Default superuser not found.")
+
 except Exception as exc:
 logger.exception(exc)
 raise RuntimeError("Could not remove default superuser.") from exc
diff --git a/src/frontend/src/controllers/API/api.tsx b/src/frontend/src/controllers/API/api.tsx
index 0ac3efa6b..c34fb0946 100644
--- a/src/frontend/src/controllers/API/api.tsx
+++ b/src/frontend/src/controllers/API/api.tsx
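Review bot: In `teardown_superuser` (utils.py), the added test `not user.last_login_at` keeps a default superuser that has logged in even once, and nothing visible in the hunk checks that its credentials were changed from the defaults; because the old `else` debug line is removed, a skipped deletion is now silent as well. Consider logging the retained case, for example `elif user and user.is_superuser: logger.warning("Default superuser retained because it has logged in; confirm its password is not the default.")`, so operators can see the privileged account still exists. `user.last_login_at is None` would also state the intent more precisely than a truthiness test. The enclosing `try` and the condition that decides whether teardown runs start outside this hunk, so a password check elsewhere cannot be ruled out from here.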
@@ -131,14 +131,6 @@ function ApiInterceptor() {
 if (res?.data?.access_token && res?.data?.refresh_token) {
 login(res?.data?.access_token);
 }
- if (error?.config?.headers) {
- delete error.config.headers["Authorization"];
- error.config.headers["Authorization"] = `Bearer ${cookies.get(
- "access_token_lf",
- )}`;
- const response = await axios.request(error.config);
- return response;
- }
 } catch (error) {
 clearBuildVerticesState(error);
 logout();
diff --git a/src/frontend/src/stores/foldersStore.tsx b/src/frontend/src/stores/foldersStore.tsx
index f601ccef2..6257c9085 100644
--- a/src/frontend/src/stores/foldersStore.tsx
+++ b/src/frontend/src/stores/foldersStore.tsx
@@ -98,7 +98,7 @@ export const useFolderStore = create((set, get) => ({
 if (id) {
 getFolderById(id).then((res) => {
 const setAllFlows = useFlowsManagerStore.getState().setAllFlows;
- setAllFlows(res.flows);
+ setAllFlows(res?.flows);
 set({ selectedFolder: res });
 });
 }
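Review bot: In the `getFolderById(id).then(...)` callback of foldersStore.tsx, `res?.flows` only avoids the property access on a missing `res`; `setAllFlows` then receives `undefined`, and the next line still stores the empty value with `set({ selectedFolder: res })`. If an empty response is possible, an early `if (!res) return;` at the top of the callback, or `setAllFlows(res?.flows ?? [])`, would keep the store in a defined state. Whether `setAllFlows` tolerates `undefined` is not visible in this hunk, and the enclosing store method starts outside it.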