From 8c108ceeeba16d0e9d64c969846748094fb43bb60ca088e85ada52c354f697cc Mon Sep 17 00:00:00 2001 From: RavenX8 <7156279+RavenX8@users.noreply.github.com> Date: Wed, 8 Jan 2025 12:37:17 -0500 Subject: [PATCH] - fix: issue where you could login if you had a valid token but an invalid session --- auth-service/src/grpc.rs | 32 +++++++++++++++++++++++++++----- 1 file changed, 27 insertions(+), 5 deletions(-) diff --git a/auth-service/src/grpc.rs b/auth-service/src/grpc.rs index ec0fdef..04a9033 100644 --- a/auth-service/src/grpc.rs +++ b/auth-service/src/grpc.rs @@ -78,11 +78,33 @@ impl AuthService for MyAuthService { let req = request.into_inner(); match validate_token(&req.token) { - Ok(user_data) => Ok(Response::new(ValidateTokenResponse { - valid: true, - user_id: user_data.0, - session_id: user_data.1, - })), + Ok(user_data) => { + let response = self + .session_client.as_ref().clone() + .get_session(GetSessionRequest { + session_id: user_data.1.clone(), + }) + .await; + match response { + Ok(res) => { + debug!("Session valid: {:?}", res.into_inner()); + Ok(Response::new(ValidateTokenResponse { + valid: true, + user_id: user_data.0, + session_id: user_data.1, + })) + } + Err(_) => { + debug!("Session invalid or not found"); + Ok(Response::new(ValidateTokenResponse { + valid: false, + user_id: "".to_string(), + session_id: "".to_string(), + })) + } + } + + }, Err(_) => Ok(Response::new(ValidateTokenResponse { valid: false, user_id: "".to_string(),