gtsocial-umbx

Unnamed repository; edit this file 'description' to name the repository.
Log | Files | Refs | README | LICENSE
commit 2162f216360129f147da1fd5f3d8fae5233c0d1d
parent 1582cf8bad94890a1957595a0fd51bb128941280
Author: tobi <31960611+tsmethurst@users.noreply.github.com>
Date:   Thu, 26 Aug 2021 19:56:40 +0200

fix broken db queries in auth (#160)


Diffstat:

Minternal/api/client/auth/authorize.go | 4++--


Minternal/api/client/auth/callback.go | 6++----


2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/internal/api/client/auth/authorize.go b/internal/api/client/auth/authorize.go
@@ -71,7 +71,7 @@ func (m *Module) AuthorizeGETHandler(c *gin.Context) {
 		return
 	}
 	app := &gtsmodel.Application{}
-	if err := m.db.GetWhere(c.Request.Context(), []db.Where{{Key: sessionClientID, Value: app.ClientID}}, app); err != nil {
+	if err := m.db.GetWhere(c.Request.Context(), []db.Where{{Key: sessionClientID, Value: clientID}}, app); err != nil {
 		m.clearSession(s)
 		c.JSON(http.StatusInternalServerError, gin.H{"error": fmt.Sprintf("no application found for client id %s", clientID)})
 		return
@@ -79,7 +79,7 @@ func (m *Module) AuthorizeGETHandler(c *gin.Context) {
 
 	// we can also use the userid of the user to fetch their username from the db to greet them nicely <3
 	user := &gtsmodel.User{}
-	if err := m.db.GetByID(c.Request.Context(), user.ID, user); err != nil {
+	if err := m.db.GetByID(c.Request.Context(), userID, user); err != nil {
 		m.clearSession(s)
 		c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()})
 		return
diff --git a/internal/api/client/auth/callback.go b/internal/api/client/auth/callback.go
@@ -78,10 +78,8 @@ func (m *Module) CallbackGETHandler(c *gin.Context) {
 		c.JSON(http.StatusInternalServerError, gin.H{"error": "no client_id found in session during callback"})
 		return
 	}
-	app := &gtsmodel.Application{
-		ClientID: clientID,
-	}
-	if err := m.db.GetWhere(c.Request.Context(), []db.Where{{Key: sessionClientID, Value: app.ClientID}}, app); err != nil {
+	app := &gtsmodel.Application{}
+	if err := m.db.GetWhere(c.Request.Context(), []db.Where{{Key: sessionClientID, Value: clientID}}, app); err != nil {
 		m.clearSession(s)
 		c.JSON(http.StatusInternalServerError, gin.H{"error": fmt.Sprintf("no application found for client id %s", clientID)})
 		return