Mirror/SponsorBlockServer
1
0
Fork 0
mirror of https://github.com/ajayyy/SponsorBlockServer.git synced 2025-12-15 07:57:05 +03:00
Code Issues Packages Projects Releases Wiki Activity

Fix ad feature auth logic

Browse Source
This commit is contained in:
Ajay
2022-07-28 13:55:43 -04:00
parent b9354e44ae
commit af7634b498
3 changed files with 9 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/routes/addFeature.ts
View File

@@ -3,7 +3,7 @@ import { db } from "../databases/databases";
import { config } from "../config";
import { Request, Response } from "express";
import { isUserVIP } from "../utils/isUserVIP";
import { Feature, HashedUserID } from "../types/user.model";
import { Feature, HashedUserID, UserID } from "../types/user.model";
import { Logger } from "../utils/logger";
import { QueryCacher } from "../utils/queryCacher";
@@ -38,11 +38,11 @@ export async function addFeature(req: AddFeatureRequest, res: Response): Promise
}
// hash the userID
const adminUserIDInput = await getHashCache(adminUserID);
const isAdmin = adminUserIDInput !== config.adminUserID;
const isVIP = (await isUserVIP(userID)) || isAdmin;
const adminUserIDInput = await getHashCache(adminUserID as UserID);
const isAdmin = adminUserIDInput === config.adminUserID;
const isVIP = (await isUserVIP(adminUserIDInput)) || isAdmin;
if (!isAdmin && !isVIP) {
if (!isVIP) {
// not authorized
return res.sendStatus(403);
}