Ailur-Archives
/
burgerauth
Archived
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 1 Wiki Activity

Made /api/auth clear out the database of any ongoing login attempts before proceeding

This commit is contained in:
Tracker-Friendly 2024-06-25 01:49:45 +01:00
parent 277c343a1b
commit d04785d2d3
1 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
main.go
View File

@ -15,7 +15,6 @@ import (
"encoding/pem"
"errors"
"fmt"
"github.com/mattn/go-sqlite3"
"log"
"math/big"
"os"
@ -931,17 +930,19 @@ func main() {
return
}
_, err = mem.Exec("DELETE FROM logins WHERE creator = ?", userid)
if err != nil {
log.Println("[ERROR] Unknown in /api/auth delete at", strconv.FormatInt(time.Now().Unix(), 10)+":", err)
c.String(500, "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgerauth and refer to the docs for more info. Your error code is: UNKNOWN-API-AUTH-DELETE.")
return
}
_, err = mem.Exec("INSERT INTO logins (appId, exchangeCode, loginToken, creator, openid, pkce, pkcemethod) VALUES (?, ?, ?, ?, ?, ?, ?)", appId, randomBytes, secret_token, userid, jwt_token, code, codeMethod)
if err != nil {
if errors.Is(err, sqlite3.ErrConstraintUnique) {
c.String(400, "Only one login is permitted at a time. Please try again later.")
return
} else {
log.Println("[ERROR] Unknown in /api/auth insert at", strconv.FormatInt(time.Now().Unix(), 10)+":", err)
c.String(500, "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgerauth and refer to the docs for more info. Your error code is: UNKNOWN-API-AUTH-INSERT.")
return
}
}
if randomBytes != "" {
c.Redirect(302, redirect_uri+"?code="+randomBytes+"&state="+state)