From 2162f216360129f147da1fd5f3d8fae5233c0d1d Mon Sep 17 00:00:00 2001 From: tobi <31960611+tsmethurst@users.noreply.github.com> Date: Thu, 26 Aug 2021 19:56:40 +0200 Subject: [PATCH] fix broken db queries in auth (#160) --- internal/api/client/auth/authorize.go | 4 ++-- internal/api/client/auth/callback.go | 6 ++---- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/internal/api/client/auth/authorize.go b/internal/api/client/auth/authorize.go index 0328f3b21..d7ea65cca 100644 --- a/internal/api/client/auth/authorize.go +++ b/internal/api/client/auth/authorize.go @@ -71,7 +71,7 @@ func (m *Module) AuthorizeGETHandler(c *gin.Context) { return } app := >smodel.Application{} - if err := m.db.GetWhere(c.Request.Context(), []db.Where{{Key: sessionClientID, Value: app.ClientID}}, app); err != nil { + if err := m.db.GetWhere(c.Request.Context(), []db.Where{{Key: sessionClientID, Value: clientID}}, app); err != nil { m.clearSession(s) c.JSON(http.StatusInternalServerError, gin.H{"error": fmt.Sprintf("no application found for client id %s", clientID)}) return @@ -79,7 +79,7 @@ func (m *Module) AuthorizeGETHandler(c *gin.Context) { // we can also use the userid of the user to fetch their username from the db to greet them nicely <3 user := >smodel.User{} - if err := m.db.GetByID(c.Request.Context(), user.ID, user); err != nil { + if err := m.db.GetByID(c.Request.Context(), userID, user); err != nil { m.clearSession(s) c.JSON(http.StatusInternalServerError, gin.H{"error": err.Error()}) return diff --git a/internal/api/client/auth/callback.go b/internal/api/client/auth/callback.go index cbb429352..c2fbfb486 100644 --- a/internal/api/client/auth/callback.go +++ b/internal/api/client/auth/callback.go @@ -78,10 +78,8 @@ func (m *Module) CallbackGETHandler(c *gin.Context) { c.JSON(http.StatusInternalServerError, gin.H{"error": "no client_id found in session during callback"}) return } - app := >smodel.Application{ - ClientID: clientID, - } - if err := m.db.GetWhere(c.Request.Context(), []db.Where{{Key: sessionClientID, Value: app.ClientID}}, app); err != nil { + app := >smodel.Application{} + if err := m.db.GetWhere(c.Request.Context(), []db.Where{{Key: sessionClientID, Value: clientID}}, app); err != nil { m.clearSession(s) c.JSON(http.StatusInternalServerError, gin.H{"error": fmt.Sprintf("no application found for client id %s", clientID)}) return