diff --git a/apps/link/app/api/auth/[...nextauth]/route.ts b/apps/link/app/api/auth/[...nextauth]/route.ts
index 2dfa625..fde1ed9 100644
--- a/apps/link/app/api/auth/[...nextauth]/route.ts
+++ b/apps/link/app/api/auth/[...nextauth]/route.ts
@@ -25,13 +25,18 @@ const fetchUser = async (email: string) => {
 };
 
 const getUserRoles = async (email: string) => {
-  const user = await fetchUser(email);
-  const allRoles = await fetchRoles();
-  const roles = user.role_ids.map((roleID: number) => {
-    const role = allRoles[roleID];
-    return role ? role.toLowerCase().replace(" ", "_") : null;
-  });
-  return roles.filter((role: string) => role !== null);
+  try {
+    const user = await fetchUser(email);
+    const allRoles = await fetchRoles();
+    const roles = user.role_ids.map((roleID: number) => {
+      const role = allRoles[roleID];
+      return role ? role.toLowerCase().replace(" ", "_") : null;
+    });
+    return roles.filter((role: string) => role !== null);
+  } catch (e) {
+    console.log({ e });
+    return [];
+  }
 };
 
 const login = async (email: string, password: string) => {
@@ -88,19 +93,19 @@ const handler = NextAuth({
 
   callbacks: {
     signIn: async ({ user, account, profile }) => {
-      const roles = await getUserRoles(user.email);
-      return roles.includes("admin") || roles.includes("agent");
+      const roles = await getUserRoles(user.email) ?? [];
+      return roles.includes("admin") || roles.includes("agent") || process.env.SETUP_MODE === "true";
     },
     session: async ({ session, user, token }) => {
       // @ts-ignore
-      session.user.roles = token.roles;
+      session.user.roles = token.roles ?? [];
       // @ts-ignore
-      session.user.leafcutter = token.leafcutter;
+      session.user.leafcutter = token.leafcutter; // remove
       return session;
     },
     jwt: async ({ token, user, account, profile, trigger }) => {
       if (user) {
-        token.roles = await getUserRoles(user.email);
+        token.roles = await getUserRoles(user.email) ?? [];
       }
       return token;
     }
diff --git a/apps/link/middleware.ts b/apps/link/middleware.ts
index a3e302f..2618f81 100644
--- a/apps/link/middleware.ts
+++ b/apps/link/middleware.ts
@@ -63,7 +63,7 @@ export default withAuth(
         }
 
         const roles: any = token?.roles ?? [];
-        if (roles.includes("admin") || roles.includes("agent")) {
+        if (roles.includes("admin") || roles.includes("agent") || process.env.SETUP_MODE === "true") {
           return true;
         }