sherl/hermes
1
0
Fork 0
mirror of https://github.com/GCMatters/hermes.git synced 2026-02-04 21:50:12 +01:00
Code Issues Packages Projects Releases Wiki Activity

feat: secure existing events endpoints by validating the token cookie

Browse Source
This commit is contained in:
eee4
2025-05-18 13:45:54 +02:00
parent fc1ff88f3d
commit 9034c058f0
2 changed files with 17 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
WebApp/Endpoints/GeneralUseHelperFunctions.cs
View File

@@ -25,7 +25,7 @@ public class GeneralUseHelpers
{
// Zwróci null, gdy nie znaleziono użytkownika
if (t is null) return null;
User? user = await _context.WebUsers.FindAsync(t.Value);
User? user = await _context.WebUsers.FindAsync(t.UserId);
return user;
}
@@ -35,7 +35,7 @@ public class GeneralUseHelpers
User? user = await GetUserFromToken(t);
if (user is not null && user.IsOrganisation)
{
Organisation? org = await _context.Organisations.FindAsync(t.UserId);
Organisation? org = await _context.Organisations.FirstOrDefaultAsync(o => o.UserId == t.UserId);
if (org is null)
{