Ailur-Archives
/
hectabit-oauth2
Archived
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Conn is goofy

This commit is contained in:
Tracker-Friendly 2024-03-28 18:01:17 +00:00
parent af5ee01f0d
commit b69bfabddb
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
main
View File

@ -199,7 +199,7 @@ async def apiopeniduserinfo():
access_token = request.headers.get('Authorization').split(' ')[1] access_token = request.headers.get('Authorization').split(' ')[1]
conn = get_db_connection() conn = get_db_connection()
userid = int(conn.execute("SELECT creator FROM logins WHERE code = ?", (str(access_token))).fetchone()) userid = int(conn.execute("SELECT creator FROM logins WHERE code = ?", (str(access_token),)).fetchone())
user = get_user(userid) user = get_user(userid)
datatemplate = { datatemplate = {
@ -220,7 +220,7 @@ async def apiauthenticate():
conn = get_db_connection() conn = get_db_connection()
secretkey = str(secrets.token_hex(512)) secretkey = str(secrets.token_hex(512))
clientidcheck = str(conn.execute("SELECT appId FROM oauth WHERE appId = ?", (str(appId))).fetchone()) clientidcheck = str(conn.execute("SELECT appId FROM oauth WHERE appId = ?", (str(appId),)).fetchone())
if not str(clientidcheck) == str(appId): if not str(clientidcheck) == str(appId):
return {}, 401 return {}, 401
@ -251,11 +251,11 @@ async def apitokenexchange():
"id_token": str(conn.execute("SELECT openid FROM logins WHERE appId = ? AND code = ?", (str(appId), str(code))).fetchone()) "id_token": str(conn.execute("SELECT openid FROM logins WHERE appId = ? AND code = ?", (str(appId), str(code))).fetchone())
} }
clientidcheck = str(conn.execute("SELECT appId FROM oauth WHERE appId = ?", (str(appId))).fetchone()) clientidcheck = str(conn.execute("SELECT appId FROM oauth WHERE appId = ?", (str(appId),)).fetchone())
if not str(clientidcheck) == str(appId): if not str(clientidcheck) == str(appId):
return {}, 401 return {}, 401
secretcheck = str(conn.execute("SELECT secret FROM oauth WHERE appId = ?", (str(appId))).fetchone()) secretcheck = str(conn.execute("SELECT secret FROM oauth WHERE appId = ?", (str(appId),)).fetchone())
if not str(secretcheck) == str(secret): if not str(secretcheck) == str(secret):
return {}, 402 return {}, 402
@ -274,13 +274,13 @@ async def apicreateauth():
secret = str(secrets.token_hex(512)) secret = str(secrets.token_hex(512))
conn = get_db_connection() conn = get_db_connection()
while True: while True:
if not secret == str(conn.execute("SELECT secret FROM oauth WHERE secret = ?", (str(secret))).fetchone()): if not secret == str(conn.execute("SELECT secret FROM oauth WHERE secret = ?", (str(secret),)).fetchone()):
break break
else: else:
secret = str(secrets.token_hex(512)) secret = str(secrets.token_hex(512))
continue continue
if clientId == str(conn.execute("SELECT secret FROM oauth WHERE clientId = ?", (str(clientId))).fetchone()): if clientId == str(conn.execute("SELECT secret FROM oauth WHERE clientId = ?", (str(clientId),)).fetchone()):
return 401 return 401
userCookie = get_session(secretKey) userCookie = get_session(secretKey)