fix: [Auth] Correctly handle users accounts getting deleted whilst the users are logged in

- deauthed users would end up in a forced loop having to read the news creating a new blank user with each page refresh

app/Controller/AppController.php

@@ -360,6 +360,20 @@ class AppController extends Controller
 
         if ($this->Session->check(AuthComponent::$sessionKey)) {
             if ($this->action !== 'checkIfLoggedIn' || $this->request->params['controller'] !== 'users') {
+				$this->User->id = $this->Auth->user('id');
+				if (!$this->User->exists()) {
+					$message = __('Something went wrong. Your user account that you are authenticated with doesn\'t exist anymore.');
+					if ($this->_isRest) {
+						$this->RestResponse->throwException(
+							401,
+							$message
+						);
+					} else {
+						$this->Flash->info($message);
+					}
+					$this->Auth->logout();
+					$this->redirect(array('controller' => 'users', 'action' => 'login', 'admin' => false));
+				}
                 if (!empty(Configure::read('MISP.terms_file')) && !$this->Auth->user('termsaccepted') && (!in_array($this->request->here, array($base_dir.'/users/terms', $base_dir.'/users/logout', $base_dir.'/users/login', $base_dir.'/users/downloadTerms')))) {
                     //if ($this->_isRest()) throw new MethodNotAllowedException('You have not accepted the terms of use yet, please log in via the web interface and accept them.');
                     if (!$this->_isRest()) {

app/Controller/NewsController.php

@@ -31,8 +31,10 @@ class NewsController extends AppController
             }
         }
         $this->User->id = $this->Auth->user('id');
-        $this->User->saveField('newsread', time());
-        $this->set('newsItems', $newsItems);
+		//if ($this->User->exists()) {
+        	$this->User->saveField('newsread', time());
+        	$this->set('newsItems', $newsItems);
+		//}
     }
 
     public function add()