Fix bug where an unauthorized request could crash the server
This commit is contained in:
parent
7c603cb4df
commit
dfc89123f6
|
@ -33,14 +33,20 @@ func NewUserLoaderByToken(db *gorm.DB) *UserLoader {
|
||||||
}
|
}
|
||||||
rows.Close()
|
rows.Close()
|
||||||
|
|
||||||
var users []*models.User
|
var userMap map[int]*models.User
|
||||||
if err := db.Where("id IN (?)", userIDs).Find(&users).Error; err != nil {
|
if len(userIDs) > 0 {
|
||||||
return nil, []error{err}
|
|
||||||
}
|
|
||||||
|
|
||||||
userMap := make(map[int]*models.User, len(users))
|
var users []*models.User
|
||||||
for _, user := range users {
|
if err := db.Where("id IN (?)", userIDs).Find(&users).Error; err != nil {
|
||||||
userMap[user.ID] = user
|
return nil, []error{err}
|
||||||
|
}
|
||||||
|
|
||||||
|
userMap = make(map[int]*models.User, len(users))
|
||||||
|
for _, user := range users {
|
||||||
|
userMap[user.ID] = user
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
userMap = make(map[int]*models.User, 0)
|
||||||
}
|
}
|
||||||
|
|
||||||
tokenMap := make(map[string]*models.AccessToken, len(tokens))
|
tokenMap := make(map[string]*models.AccessToken, len(tokens))
|
||||||
|
@ -51,11 +57,11 @@ func NewUserLoaderByToken(db *gorm.DB) *UserLoader {
|
||||||
result := make([]*models.User, len(tokens))
|
result := make([]*models.User, len(tokens))
|
||||||
for i, token := range tokens {
|
for i, token := range tokens {
|
||||||
accessToken, tokenFound := tokenMap[token]
|
accessToken, tokenFound := tokenMap[token]
|
||||||
user, userFound := userMap[accessToken.UserID]
|
if tokenFound {
|
||||||
if tokenFound && userFound {
|
user, userFound := userMap[accessToken.UserID]
|
||||||
result[i] = user
|
if userFound {
|
||||||
} else {
|
result[i] = user
|
||||||
result[i] = nil
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -70,6 +70,12 @@ const linkError = onError(({ graphQLErrors, networkError }) => {
|
||||||
content: `Received ${graphQLErrors.length} errors from the server. See the console for more information`,
|
content: `Received ${graphQLErrors.length} errors from the server. See the console for more information`,
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (graphQLErrors.find(x => x.message == 'unauthorized')) {
|
||||||
|
console.log('Unauthorized, clearing token cookie')
|
||||||
|
clearTokenCookie()
|
||||||
|
location.reload()
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (networkError) {
|
if (networkError) {
|
||||||
|
|
Loading…
Reference in New Issue