From c5cd65eba355e66589298cbe88fe3489e0fcebae Mon Sep 17 00:00:00 2001 From: Akshay Date: Fri, 15 Nov 2024 21:25:27 +0000 Subject: invalidate registered tokens properly --- src/invite.js | 2 +- src/public/styles.css | 1 + src/routes/index.js | 6 +++--- 3 files changed, 5 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/invite.js b/src/invite.js index 0f6624c..7e357ac 100644 --- a/src/invite.js +++ b/src/invite.js @@ -11,7 +11,7 @@ const validateInviteToken = async (req, res, next) => { } const invite = db - .query("SELECT * FROM invites WHERE token = $token AND usedAt IS null") + .query("SELECT * FROM invites WHERE token = $token") .get({ token }); if (!invite) { diff --git a/src/public/styles.css b/src/public/styles.css index 523e81b..2f39234 100644 --- a/src/public/styles.css +++ b/src/public/styles.css @@ -499,6 +499,7 @@ form input[type="submit"]:hover { } .register-error-message { + margin-bottom: 1rem; flex-flow: row wrap; color: var(--error-text-color); } diff --git a/src/routes/index.js b/src/routes/index.js index 8529595..6efeb79 100644 --- a/src/routes/index.js +++ b/src/routes/index.js @@ -20,7 +20,6 @@ router.get("/", authenticateToken, async (req, res) => { res.redirect("/r/all"); } else { const p = subs.map((s) => s.subreddit).join("+"); - console.log(p); res.redirect(`/r/${p}`); } }); @@ -143,7 +142,9 @@ router.post("/register", validateInviteToken, async (req, res) => { try { const hashedPassword = await Bun.password.hash(password); - db.query("UPDATE invites SET usedAt = CURRENT_TIMESTAMP WHERE id = $id", { + db.query( + "UPDATE invites SET usedAt = CURRENT_TIMESTAMP WHERE id = $id", + ).run({ id: req.invite.id, }); @@ -165,7 +166,6 @@ router.post("/register", validateInviteToken, async (req, res) => { }) .redirect("/"); } catch (err) { - console.log(err); return res.render("register", { message: "error registering user, try again later", }); -- cgit v1.2.3