iou1name/Buckler
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

last_used only updates the key that was used

Browse Source
This commit is contained in:
iou1name 2019-09-26 19:23:04 -04:00
parent 448b5048d8
commit 06cf8161e9
2 changed files with 7 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
auth.py
View File

@ -53,8 +53,8 @@ def auth_required(func):
await conn.execute(
"UPDATE user_session SET last_used = NOW(), "
"expires = NOW() + INTERVAL '30 DAYS' "
"WHERE user_id = $1",
user_id)
"WHERE user_id = $1 AND id = $2",
user_id, sid)
resp.set_cookie(
'userid',
user_id,

12
buckler.py
View File

@ -224,13 +224,11 @@ async def get_session(request):
app = await conn.fetchrow("SELECT * FROM app_info WHERE id = $1", app_id)
if app:
if argon2.verify(app_key, app['key_hash']):
sessions = await conn.fetch(
session = await conn.fetchrow(
"SELECT * FROM user_session "
"WHERE user_id = $1 AND expires > NOW()",
user_id)
session = [s for s in sessions if s.get('id') == user_sid]
"WHERE user_id = $1 AND id = $2 AND expires > NOW()",
user_id, user_sid)
if session:
session = session[0]
data = await conn.fetchrow(
"SELECT user_info.username, app_user.session_data "
"FROM user_info LEFT JOIN app_user "
@ -244,8 +242,8 @@ async def get_session(request):
await conn.execute(
"UPDATE user_session SET last_used = NOW(), "
"expires = NOW() + INTERVAL '30 DAYS' "
"WHERE user_id = $1",
user_id)
"WHERE user_id = $1 AND id = $2",
user_id, user_sid)
await conn.close()
data_meta = dict(data)