sam/Foxnouns.NET
sam/Foxnouns.NET
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 2 Wiki Activity Actions

fix: only query user ID in /api/internal/request-data

Browse source
This commit is contained in:
sam 2024-09-11 16:34:08 +02:00
parent 2682cabfb0
commit 4ac0001795
Signed by: sam
GPG key ID: B4EF20DDE721CAA1
3 changed files with 16 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

10
Foxnouns.Backend/Database/DatabaseQueryExtensions.cs
View file

@ -110,6 +110,7 @@ public static class DatabaseQueryExtensions
CancellationToken ct = default)
{
var hash = SHA512.HashData(rawToken);
var oauthToken = await context.Tokens
.Include(t => t.Application)
.Include(t => t.User)
@ -119,4 +120,13 @@ public static class DatabaseQueryExtensions
return oauthToken;
}
public static async Task<Snowflake?> GetTokenUserId(this DatabaseContext context, byte[] rawToken,
CancellationToken ct = default)
{
var hash = SHA512.HashData(rawToken);
return await context.Tokens
.Where(t => t.Hash == hash && t.ExpiresAt > SystemClock.Instance.GetCurrentInstant() && !t.ManuallyExpired)
.Select(t => t.UserId).FirstOrDefaultAsync(ct);
}
}