mirrors/nadeko_invidious
1
0
Fork 0
mirror of https://git.nadeko.net/Fijxu/invidious.git synced 2025-12-17 02:18:51 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Move DB queries related to session tokens in a separate module

Browse Source
This commit is contained in:
Samantaz Fox
2021-12-02 23:57:13 +01:00
parent c021b93b5c
commit 92eea3b18b
8 changed files with 140 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/invidious/helpers/handlers.cr
View File

@@ -99,7 +99,7 @@ class AuthHandler < Kemal::Handler
session = URI.decode_www_form(token["session"].as_s)
scopes, expire, signature = validate_request(token, session, env.request, HMAC_KEY, PG_DB, nil)
if email = PG_DB.query_one?("SELECT email FROM session_ids WHERE id = $1", session, as: String)
if email = Invidious::Database::SessionIDs.select_email(session)
user = PG_DB.query_one("SELECT * FROM users WHERE email = $1", email, as: User)
end
elsif sid = env.request.cookies["SID"]?.try &.value
@@ -107,7 +107,7 @@ class AuthHandler < Kemal::Handler
raise "Cannot use token as SID"
end
if email = PG_DB.query_one?("SELECT email FROM session_ids WHERE id = $1", sid, as: String)
if email = Invidious::Database::SessionIDs.select_email(sid)
user = PG_DB.query_one("SELECT * FROM users WHERE email = $1", email, as: User)
end