From 3704b63b9d39860447f7ab0151f41a7aabcedc41 Mon Sep 17 00:00:00 2001
From: Wing-Kam Wong <wingkwong.code@gmail.com>
Date: Mon, 13 Jun 2022 17:18:01 +0800
Subject: [PATCH] fix: only check token_expired in non-public base

---
 .../src/lib/meta/helpers/ncMetaAclMw.ts       | 32 ++++++++++---------
 1 file changed, 17 insertions(+), 15 deletions(-)

diff --git a/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts b/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts
index 51e93db1b9..b2bbad271b 100644
--- a/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts
+++ b/packages/nocodb/src/lib/meta/helpers/ncMetaAclMw.ts
@@ -25,21 +25,23 @@ export default function(handlerFn, permissionName) {
         NcError.unauthorized('Unauthorized access');
       }
 
-      // check if the token is still valid
-      const email = req?.session?.passport?.user?.email;
-      let user =
-        email &&
-        (await NocoCache.get(
-          `${CacheScope.USER}:${email}`,
-          CacheGetType.TYPE_OBJECT
-        ));
-      if (!user) {
-        user = await Noco.ncMeta.metaGet2(null, null, MetaTable.USERS, {
-          email
-        });
-      }
-      if (user.token_expired) {
-        NcError.unauthorized('Token Expired. Please login again.');
+      // check if the token is still valid for non-public base
+      if (!req?.session?.passport?.user?.isPublicBase) {
+        const email = req?.session?.passport?.user?.email;
+        let user =
+          email &&
+          (await NocoCache.get(
+            `${CacheScope.USER}:${email}`,
+            CacheGetType.TYPE_OBJECT
+          ));
+        if (!user) {
+          user = await Noco.ncMeta.metaGet2(null, null, MetaTable.USERS, {
+            email
+          });
+        }
+        if (user.token_expired) {
+          NcError.unauthorized('Token Expired. Please login again.');
+        }
       }
       next();
     }),