- fix: issue where you could login if you had a valid token but an invalid session

2025-01-08 12:37:17 -05:00
parent f4a421b7cb
commit 8c108ceeeb
1 changed files with 27 additions and 5 deletions
--- a/auth-service/src/grpc.rs
+++ b/auth-service/src/grpc.rs
@@ -78,11 +78,33 @@ impl AuthService for MyAuthService {
        let req = request.into_inner();

        match validate_token(&req.token) {
-            Ok(user_data) => Ok(Response::new(ValidateTokenResponse {
-                valid: true,
-                user_id: user_data.0,
-                session_id: user_data.1,
-            })),
+            Ok(user_data) => {
+                let response = self
+                    .session_client.as_ref().clone()
+                    .get_session(GetSessionRequest {
+                        session_id: user_data.1.clone(),
+                    })
+                    .await;
+                match response {
+                    Ok(res) => {
+                        debug!("Session valid: {:?}", res.into_inner());
+                        Ok(Response::new(ValidateTokenResponse {
+                            valid: true,
+                            user_id: user_data.0,
+                            session_id: user_data.1,
+                        }))
+                    }
+                    Err(_) => {
+                        debug!("Session invalid or not found");
+                        Ok(Response::new(ValidateTokenResponse {
+                            valid: false,
+                            user_id: "".to_string(),
+                            session_id: "".to_string(),
+                        }))
+                    }
+                }
+                
+            },
            Err(_) => Ok(Response::new(ValidateTokenResponse {
                valid: false,
                user_id: "".to_string(),