Skip to content

Commit

Permalink
Merge pull request #1608 from stakwork/feat/signin_duplicate
Browse files Browse the repository at this point in the history 
Changed sign in challenge to random string
  • Loading branch information
@elraphty
elraphty authored Apr 5, 2024
2 parents 201b373 + b780c61 commit f196707
Show file tree
Hide file tree
Showing 2 changed files with 10 additions and 7 deletions.
6 changes: 3 additions & 3 deletions db/db.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1778,13 +1778,13 @@ func (db database) GetOrganizationStatusBudget(org_uuid string) StatusBudget {
orgBudget := db.GetOrganizationBudget(org_uuid)

var openBudget uint
db.db.Model(&Bounty{}).Where("assignee = '' ").Select("SUM(price)").Row().Scan(&openBudget)
db.db.Model(&Bounty{}).Where("assignee = '' ").Where("paid != true").Select("SUM(price)").Row().Scan(&openBudget)

var assignedBudget uint
db.db.Model(&Bounty{}).Where("assignee != '' ").Select("SUM(price)").Row().Scan(&assignedBudget)
db.db.Model(&Bounty{}).Where("assignee != '' ").Where("paid != true").Select("SUM(price)").Row().Scan(&assignedBudget)

var completedBudget uint
db.db.Model(&Bounty{}).Where("completed = true ").Select("SUM(price)").Row().Scan(&completedBudget)
db.db.Model(&Bounty{}).Where("completed = true ").Where("paid != true").Select("SUM(price)").Row().Scan(&completedBudget)

statusBudget := StatusBudget{
OrgUuid: org_uuid,
Expand Down
11 changes: 7 additions & 4 deletions db/store.go
View file
Original file line number Diff line number Diff line change
@@ -1,17 +1,18 @@
package db

import (
"encoding/base64"
"encoding/json"
"errors"
"fmt"
"io"
"net/http"
"strconv"
"sync"
"time"

"github.com/go-chi/chi"
"github.com/patrickmn/go-cache"
"github.com/rs/xid"
"github.com/stakwork/sphinx-tribes/auth"
"github.com/stakwork/sphinx-tribes/config"
)
Expand Down Expand Up @@ -132,10 +133,11 @@ func (s StoreData) GetChallengeCache(key string) (string, error) {
}

func Ask(w http.ResponseWriter, r *http.Request) {
var m sync.Mutex
m.Lock()

ts := strconv.Itoa(int(time.Now().Unix()))
h := []byte(ts)
// h := blake2b.Sum256([]byte(ts))
challenge := base64.URLEncoding.EncodeToString(h[:])
challenge := xid.New().String()

Store.SetChallengeCache(challenge, ts)

Expand All @@ -144,6 +146,7 @@ func Ask(w http.ResponseWriter, r *http.Request) {
"challenge": challenge,
"ts": ts,
})
m.Unlock()
}

type VerifyPayload struct {
Expand Down

0 comments on commit f196707

Please sign in to comment.