Mirror/SponsorBlockServer
1
0
Fork 0
mirror of https://github.com/ajayyy/SponsorBlockServer.git synced 2025-12-14 15:37:07 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix ad feature auth logic

Browse Source
This commit is contained in:
Ajay
2022-07-28 13:55:43 -04:00
parent b9354e44ae
commit af7634b498
3 changed files with 9 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/routes/addFeature.ts
View File

@@ -3,7 +3,7 @@ import { db } from "../databases/databases";
import { config } from "../config";
import { Request, Response } from "express";
import { isUserVIP } from "../utils/isUserVIP";
import { Feature, HashedUserID } from "../types/user.model";
import { Feature, HashedUserID, UserID } from "../types/user.model";
import { Logger } from "../utils/logger";
import { QueryCacher } from "../utils/queryCacher";
@@ -38,11 +38,11 @@ export async function addFeature(req: AddFeatureRequest, res: Response): Promise
}
// hash the userID
const adminUserIDInput = await getHashCache(adminUserID);
const isAdmin = adminUserIDInput !== config.adminUserID;
const isVIP = (await isUserVIP(userID)) || isAdmin;
const adminUserIDInput = await getHashCache(adminUserID as UserID);
const isAdmin = adminUserIDInput === config.adminUserID;
const isVIP = (await isUserVIP(adminUserIDInput)) || isAdmin;
if (!isAdmin && !isVIP) {
if (!isVIP) {
// not authorized
return res.sendStatus(403);
}

2
src/utils/isUserVIP.ts
View File

@@ -2,6 +2,6 @@ import { db } from "../databases/databases";
import { HashedUserID } from "../types/user.model";
export async function isUserVIP(userID: HashedUserID): Promise<boolean> {
return (await db.prepare("get", `SELECT count(*) as "userCount" FROM "vipUsers" WHERE "userID" = ? LIMIT 1`,
return (await db.prepare("get", `SELECT count(*) as "userCount" FROM "vipUsers" WHERE "userID" = ? LIMIT 1`,
[userID], { useReplica: true }))?.userCount > 0;
}