external/SponsorBlockServer
1
0
Fork 0
mirror of https://github.com/ajayyy/SponsorBlockServer.git synced 2024-11-10 01:02:30 +01:00
Code Issues Projects Releases Packages Wiki Activity

use isUserVIP instead

Browse source
This commit is contained in:
Michael C 2021-06-18 18:44:43 -04:00
parent c13bc6cfbd
commit b84241c6ad
No known key found for this signature in database
GPG key ID: FFB04FB3B878B7B4
1 changed files with 8 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
src/routes/postClearCache.ts
View file

@ -1,17 +1,16 @@
import { Logger } from '../utils/logger'; import { Logger } from '../utils/logger';
import { db } from '../databases/databases'; import { HashedUserID, UserID } from '../types/user.model';
import { getHash } from '../utils/getHash'; import { getHash } from '../utils/getHash';
import { Request, Response } from 'express'; import { Request, Response } from 'express';
import { Service, VideoID } from '../types/segments.model'; import { Service, VideoID } from '../types/segments.model';
import { QueryCacher } from '../utils/queryCacher'; import { QueryCacher } from '../utils/queryCacher';
import { UserID } from '../types/user.model'; import { isUserVIP } from '../utils/isUserVIP';
import { VideoIDHash } from "../types/segments.model";
export async function postClearCache(req: Request, res: Response) { export async function postClearCache(req: Request, res: Response) {
const videoID = req.query.videoID as VideoID; const videoID = req.query.videoID as VideoID;
let userID = req.query.userID as UserID; let userID = req.query.userID as UserID;
const service = req.query.service as Service ?? Service.YouTube; const service = req.query.service as Service ?? Service.YouTube;
// hash the userID as early as possible
userID = getHash(userID);
const invalidFields = []; const invalidFields = [];
if (typeof videoID !== 'string') { if (typeof videoID !== 'string') {
@ -28,13 +27,14 @@ export async function postClearCache(req: Request, res: Response) {
return false; return false;
} }
// hash the userID as early as possible
const hashedUserID: HashedUserID = getHash(userID);
// hash videoID // hash videoID
const hashedVideoID = getHash(videoID, 1); const hashedVideoID: VideoIDHash = getHash(videoID, 1);
const isVIP = (await db.prepare("get", `SELECT count(*) as "userCount" FROM "vipUsers" WHERE "userID" = ?`, [userID])).userCount > 0;
// Ensure user is a VIP // Ensure user is a VIP
if (!isVIP) { if (!await isUserVIP(hashedUserID)){
Logger.warn("Permission violation: User " + userID + " attempted to clear cache for video " + videoID + "."); Logger.warn("Permission violation: User " + hashedUserID + " attempted to clear cache for video " + videoID + ".");
res.status(403).json({"message": "Not a VIP"}); res.status(403).json({"message": "Not a VIP"});
return false; return false;
} }