fix: only query user ID in /api/internal/request-data

.idea/.idea.Foxnouns.NET/.idea/watcherTasks.xml

@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project version="4">
+  <component name="ProjectTasksOptions" suppressed-tasks="SCSS" />
+</project>

Foxnouns.Backend/Controllers/InternalController.cs

@@ -43,8 +43,8 @@ public partial class InternalController(DatabaseContext db, IClock clock) : Cont
         if (!AuthUtils.TryParseToken(req.Token, out var rawToken))
             return Ok(new RequestDataResponse(null, template));
 
-        var oauthToken = await db.GetToken(rawToken);
-        return Ok(new RequestDataResponse(oauthToken?.UserId, template));
+        var userId = await db.GetTokenUserId(rawToken);
+        return Ok(new RequestDataResponse(userId, template));
     }
 
     public record RequestDataRequest(string? Token, string Method, string Path);

Foxnouns.Backend/Database/DatabaseQueryExtensions.cs

@@ -110,6 +110,7 @@ public static class DatabaseQueryExtensions
         CancellationToken ct = default)
     {
         var hash = SHA512.HashData(rawToken);
+
         var oauthToken = await context.Tokens
             .Include(t => t.Application)
             .Include(t => t.User)
@@ -119,4 +120,13 @@ public static class DatabaseQueryExtensions
 
         return oauthToken;
     }
+
+    public static async Task<Snowflake?> GetTokenUserId(this DatabaseContext context, byte[] rawToken,
+        CancellationToken ct = default)
+    {
+        var hash = SHA512.HashData(rawToken);
+        return await context.Tokens
+            .Where(t => t.Hash == hash && t.ExpiresAt > SystemClock.Instance.GetCurrentInstant() && !t.ManuallyExpired)
+            .Select(t => t.UserId).FirstOrDefaultAsync(ct);
+    }
 }