stereo.cat/backend
2
0
Fork 0
Code Issues 2 Pull requests Projects Releases Packages Wiki Activity Actions

use array instead of map

Browse source
This commit is contained in:
grngxd 2025-07-31 11:07:46 +01:00
parent b906736af8
commit 8ca089ecfb
1 changed files with 18 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

29
internal/api/routes/auth.go
View file

@ -34,8 +34,8 @@ import (
"stereo.cat/backend/internal/types" "stereo.cat/backend/internal/types"
) )
var oauthStates = make(map[string]struct{}) var states []string
var oauthStatesMu sync.Mutex var statesMutex sync.Mutex
func generateState(length int) (string, error) { func generateState(length int) (string, error) {
b := make([]byte, length) b := make([]byte, length)
@ -54,9 +54,9 @@ func RegisterAuthRoutes(cfg *types.StereoConfig, api *gin.RouterGroup) {
return return
} }
oauthStatesMu.Lock() statesMutex.Lock()
oauthStates[state] = struct{}{} states = append(states, state)
oauthStatesMu.Unlock() statesMutex.Unlock()
discordURL := fmt.Sprintf( discordURL := fmt.Sprintf(
"https://discord.com/oauth2/authorize?client_id=%s&response_type=code&redirect_uri=%s&scope=identify%%20email&state=%s", "https://discord.com/oauth2/authorize?client_id=%s&response_type=code&redirect_uri=%s&scope=identify%%20email&state=%s",
@ -77,13 +77,20 @@ func RegisterAuthRoutes(cfg *types.StereoConfig, api *gin.RouterGroup) {
code := c.Query("code") code := c.Query("code")
state := c.Query("state") state := c.Query("state")
oauthStatesMu.Lock() statesMutex.Lock()
_, ok := oauthStates[state]
if ok { found := false
delete(oauthStates, state) for i, s := range states {
if s == state {
states = append(states[:i], states[i+1:]...)
found = true
break
}
} }
oauthStatesMu.Unlock()
if !ok { statesMutex.Unlock()
if !found {
c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"error": "Invalid state"}) c.AbortWithStatusJSON(http.StatusBadRequest, gin.H{"error": "Invalid state"})
return return
} }