diff --git a/lib/staff_constraint.rb b/lib/staff_constraint.rb
index 19c3acf4220..ba4dc0a36cd 100644
--- a/lib/staff_constraint.rb
+++ b/lib/staff_constraint.rb
@@ -5,6 +5,8 @@ class StaffConstraint
 def matches?(request)
 provider = Discourse.current_user_provider.new(request.env)
 provider.current_user && provider.current_user.staff?
+ rescue Discourse::InvalidAccess
+ false
 end
 end
diff --git a/spec/integration/admin/admin_controller_spec.rb b/spec/integration/admin/admin_controller_spec.rb
new file mode 100644
index 00000000000..62beaaca421
--- /dev/null
+++ b/spec/integration/admin/admin_controller_spec.rb
@@ -0,0 +1,9 @@
+require 'rails_helper'
+
+RSpec.describe "Admin::AdminController" do
+ it "should return the right response if user isn't a staff" do
+ expect do
+ get "/admin", api_key: 'asdiasiduga'
+ end.to raise_error(ActionController::RoutingError)
+ end
+end
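Review bot: The new `rescue Discourse::InvalidAccess` in `matches?` turns a rejected credential into a silent non-match, so a request to an admin route with a bad `api_key` leaves no trace in this code path and looks like any other unmatched route. Failing closed is the right outcome for a route constraint, but it is worth confirming that the current-user provider (not visible in this hunk) logs or rate-limits the invalid key before it raises. If it does not, a line such as `Rails.logger.warn("StaffConstraint: invalid credentials for #{request.path}")` before `false` would keep failed admin-key attempts visible to monitoring. A short comment above the rescue, for example `# Invalid API key or session: fail closed so admin routes do not match`, would also record why only this exception is swallowed.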
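Review bot: The example is named "if user isn't a staff", but it only exercises an invalid `api_key`, so the access-control behaviour of the constraint is covered for just one of its failure modes. Consider renaming it to something like `it "raises a routing error when the API key is invalid" do`. Companion examples for a signed-in non-staff user (expect the same `ActionController::RoutingError`) and for a staff user (expect the route to match) would show that the new rescue did not change who can reach `/admin`.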