mirrors/gotosocial
1
0
Fork 0
mirror of https://github.com/superseriousbusiness/gotosocial.git synced 2025-10-31 14:12:26 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix broken db queries in auth (#160)

Browse source
This commit is contained in:
tobi 2021-08-26 19:56:40 +02:00 committed by GitHub
commit 2162f21636
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

4
internal/api/client/auth/authorize.go
View file

@ -71,7 +71,7 @@ func (m *Module) AuthorizeGETHandler(c *gin.Context) {
return return
} }
app := &gtsmodel.Application{} app := &gtsmodel.Application{}
if err := m.db.GetWhere(c.Request.Context(), []db.Where{{Key: sessionClientID, Value: app.ClientID}}, app); err != nil { if err := m.db.GetWhere(c.Request.Context(), []db.Where{{Key: sessionClientID, Value: clientID}}, app); err != nil {
m.clearSession(s) m.clearSession(s)
c.JSON(http.StatusInternalServerError, gin.H{"error": fmt.Sprintf("no application found for client id %s", clientID)}) c.JSON(http.StatusInternalServerError, gin.H{"error": fmt.Sprintf("no application found for client id %s", clientID)})
return return
@ -79,7 +79,7 @@ func (m *Module) AuthorizeGETHandler(c *gin.Context) {
// we can also use the userid of the user to fetch their username from the db to greet them nicely <3 // we can also use the userid of the user to fetch their username from the db to greet them nicely <3
user := &gtsmodel.User{} user := &gtsmodel.User{}
if err := m.db.GetByID(c.Request.Context(), user.ID, user); err != nil { if err := m.db.GetByID(c.Request.Context(), userID, user); err != nil {
m.clearSession(s) m.clearSession(s)
c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()}) c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
return return

6
internal/api/client/auth/callback.go
View file

@ -78,10 +78,8 @@ func (m *Module) CallbackGETHandler(c *gin.Context) {
c.JSON(http.StatusInternalServerError, gin.H{"error": "no client_id found in session during callback"}) c.JSON(http.StatusInternalServerError, gin.H{"error": "no client_id found in session during callback"})
return return
} }
app := &gtsmodel.Application{ app := &gtsmodel.Application{}
ClientID: clientID, if err := m.db.GetWhere(c.Request.Context(), []db.Where{{Key: sessionClientID, Value: clientID}}, app); err != nil {
}
if err := m.db.GetWhere(c.Request.Context(), []db.Where{{Key: sessionClientID, Value: app.ClientID}}, app); err != nil {
m.clearSession(s) m.clearSession(s)
c.JSON(http.StatusInternalServerError, gin.H{"error": fmt.Sprintf("no application found for client id %s", clientID)}) c.JSON(http.StatusInternalServerError, gin.H{"error": fmt.Sprintf("no application found for client id %s", clientID)})
return return