summaryrefslogtreecommitdiffstats
path: root/src/invidious.cr
diff options
context:
space:
mode:
Diffstat (limited to 'src/invidious.cr')
-rw-r--r--src/invidious.cr10
1 files changed, 5 insertions, 5 deletions
diff --git a/src/invidious.cr b/src/invidious.cr
index 97809160..94620a26 100644
--- a/src/invidious.cr
+++ b/src/invidious.cr
@@ -247,7 +247,7 @@ before_all do |env|
# Invidious users only have SID
if !env.request.cookies.has_key? "SSID"
- if email = PG_DB.query_one?("SELECT email FROM session_ids WHERE id = $1", sid, as: String)
+ if email = Invidious::Database::SessionIDs.select_email(sid)
user = PG_DB.query_one("SELECT * FROM users WHERE email = $1", email, as: User)
csrf_token = generate_response(sid, {
":authorize_token",
@@ -633,6 +633,7 @@ get "/subscription_manager" do |env|
end
user = user.as(User)
+ sid = sid.as(String)
if !user.password
# Refresh account
@@ -1008,7 +1009,7 @@ post "/delete_account" do |env|
view_name = "subscriptions_#{sha256(user.email)}"
PG_DB.exec("DELETE FROM users * WHERE email = $1", user.email)
- PG_DB.exec("DELETE FROM session_ids * WHERE email = $1", user.email)
+ Invidious::Database::SessionIDs.delete(email: user.email)
PG_DB.exec("DROP MATERIALIZED VIEW #{view_name}")
env.request.cookies.each do |cookie|
@@ -1150,8 +1151,7 @@ get "/token_manager" do |env|
end
user = user.as(User)
-
- tokens = PG_DB.query_all("SELECT id, issued FROM session_ids WHERE email = $1 ORDER BY issued DESC", user.email, as: {session: String, issued: Time})
+ tokens = Invidious::Database::SessionIDs.select_all(user.email)
templated "token_manager"
end
@@ -1200,7 +1200,7 @@ post "/token_ajax" do |env|
case action
when .starts_with? "action_revoke_token"
- PG_DB.exec("DELETE FROM session_ids * WHERE id = $1 AND email = $2", session, user.email)
+ Invidious::Database::SessionIDs.delete(sid: session, email: user.email)
else
next error_json(400, "Unsupported action #{action}")
end
generated by cgit v1.2.3 (git 2.39.1) at 2025-12-18 10:20:03 +0000