Union/ProjectLighthouse
1
0
Fork 0
mirror of https://github.com/LBPUnion/ProjectLighthouse.git synced 2025-06-02 22:22:28 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

Fix bug where redirect handler would fetch wrong token

Browse source
This commit is contained in:
Slendy 2022-12-14 01:14:58 -06:00
parent 6024d44508
commit 28ff0ddc1d
No known key found for this signature in database
GPG key ID: 7288D68361B91428
2 changed files with 10 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

11
ProjectLighthouse.Servers.Website/Middlewares/UserRequiredRedirectMiddleware.cs
View file

@ -13,14 +13,19 @@ public class UserRequiredRedirectMiddleware : MiddlewareDBContext
public override async Task InvokeAsync(HttpContext ctx, Database database) public override async Task InvokeAsync(HttpContext ctx, Database database)
{ {
User? user = database.UserFromWebRequest(ctx.Request); WebToken? token = database.WebTokenFromRequest(ctx.Request);
if (user == null || pathContains(ctx, "/logout")) if (token == null || pathContains(ctx, "/logout"))
{ {
await this.next(ctx); await this.next(ctx);
return; return;
} }
WebToken token = await database.WebTokens.FirstAsync(t => t.UserId == user.UserId); User? user = await database.Users.FirstOrDefaultAsync(u => u.UserId == token.UserId);
if (user == null)
{
await this.next(ctx);
return;
}
// Request ends with a path (e.g. /css/style.css) // Request ends with a path (e.g. /css/style.css)
if (!string.IsNullOrEmpty(Path.GetExtension(ctx.Request.Path)) || pathContains(ctx, "/gameAssets")) if (!string.IsNullOrEmpty(Path.GetExtension(ctx.Request.Path)) || pathContains(ctx, "/gameAssets"))

4
ProjectLighthouse/Database.cs
View file

@ -431,14 +431,14 @@ public class Database : DbContext
public User? UserFromWebRequest(HttpRequest request) public User? UserFromWebRequest(HttpRequest request)
{ {
if (!request.Cookies.TryGetValue("LighthouseToken", out string? lighthouseToken) || lighthouseToken == null) return null; if (!request.Cookies.TryGetValue("LighthouseToken", out string? lighthouseToken)) return null;
return this.UserFromLighthouseToken(lighthouseToken); return this.UserFromLighthouseToken(lighthouseToken);
} }
public WebToken? WebTokenFromRequest(HttpRequest request) public WebToken? WebTokenFromRequest(HttpRequest request)
{ {
if (!request.Cookies.TryGetValue("LighthouseToken", out string? lighthouseToken) || lighthouseToken == null) return null; if (!request.Cookies.TryGetValue("LighthouseToken", out string? lighthouseToken)) return null;
WebToken? token = this.WebTokens.FirstOrDefault(t => t.UserToken == lighthouseToken); WebToken? token = this.WebTokens.FirstOrDefault(t => t.UserToken == lighthouseToken);
if (token == null) return null; if (token == null) return null;