From 85c0f37e17f4897c44508c34fce0478b3631027d Mon Sep 17 00:00:00 2001
From: iou1name <iou1name@national.shitposting.agency>
Date: Fri, 14 Aug 2020 23:47:25 -0400
Subject: [PATCH] fix delete_session()

---
 auth.py    | 2 +-
 buckler.py | 7 ++++---
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/auth.py b/auth.py
index 38b8f0a..bb39435 100644
--- a/auth.py
+++ b/auth.py
@@ -30,7 +30,7 @@ def auth_required(func):
 		login_url = request.app.router['login'].url_for()
 		sid = request.cookies.get('session')
 		try:
-			user_id = int(request.cookies.get('userid', '0'))
+			user_id = int(request.cookies.get('userid'))
 		except (ValueError, TypeError):
 			user_id = None
 		if not sid or not user_id:
diff --git a/buckler.py b/buckler.py
index 26606a9..c78785e 100644
--- a/buckler.py
+++ b/buckler.py
@@ -38,11 +38,11 @@ async def index(request):
 			'new_app': forms.new_app,
 			'change_password': forms.change_password,
 			'delete_key': forms.delete_key,
-			'delele_session': forms.delete_session,
+			'delete_session': forms.delete_session,
 		}
 
 		if not forms_.get(form):
-			errors = {'main': "Unknown form id: {form}"}
+			errors = {'main': f"Unknown form id: {form}"}
 		else:
 			errors = await forms_[form](request)
 
@@ -65,7 +65,8 @@ async def index(request):
 			request['session']['id'])
 		active_sessions = await conn.fetch(
 			"SELECT id, ip_address, date_created, last_used FROM user_session "
-			"WHERE user_id = $1 ORDER BY last_used DESC",
+			"WHERE user_id = $1 AND expires > NOW() "
+			"ORDER BY last_used DESC",
 			request['session']['id'])
 
 	if request['session']['admin']: