From d04785d2d3783d7e14047d8b47e88f1f23742ea9 Mon Sep 17 00:00:00 2001 From: Arzumify Date: Tue, 25 Jun 2024 01:49:45 +0100 Subject: [PATCH] Made /api/auth clear out the database of any ongoing login attempts before proceeding --- main.go | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/main.go b/main.go index 1acb76c..f5fac0e 100644 --- a/main.go +++ b/main.go @@ -15,7 +15,6 @@ import ( "encoding/pem" "errors" "fmt" - "github.com/mattn/go-sqlite3" "log" "math/big" "os" @@ -931,16 +930,18 @@ func main() { return } + _, err = mem.Exec("DELETE FROM logins WHERE creator = ?", userid) + if err != nil { + log.Println("[ERROR] Unknown in /api/auth delete at", strconv.FormatInt(time.Now().Unix(), 10)+":", err) + c.String(500, "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgerauth and refer to the docs for more info. Your error code is: UNKNOWN-API-AUTH-DELETE.") + return + } + _, err = mem.Exec("INSERT INTO logins (appId, exchangeCode, loginToken, creator, openid, pkce, pkcemethod) VALUES (?, ?, ?, ?, ?, ?, ?)", appId, randomBytes, secret_token, userid, jwt_token, code, codeMethod) if err != nil { - if errors.Is(err, sqlite3.ErrConstraintUnique) { - c.String(400, "Only one login is permitted at a time. Please try again later.") - return - } else { - log.Println("[ERROR] Unknown in /api/auth insert at", strconv.FormatInt(time.Now().Unix(), 10)+":", err) - c.String(500, "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgerauth and refer to the docs for more info. Your error code is: UNKNOWN-API-AUTH-INSERT.") - return - } + log.Println("[ERROR] Unknown in /api/auth insert at", strconv.FormatInt(time.Now().Unix(), 10)+":", err) + c.String(500, "Something went wrong on our end. Please report this bug at https://centrifuge.hectabit.org/hectabit/burgerauth and refer to the docs for more info. Your error code is: UNKNOWN-API-AUTH-INSERT.") + return } if randomBytes != "" {