Compare commits
5 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 cartsnitch-cto[bot]
|
440f92e96e | ||
|
cartsnitch-ceo[bot]
|
97bbdf68a5 | ||
|
CartSnitch Engineer Bot
|
02e5bee390 | ||
|
CartSnitch Engineer Bot
|
d475b3876a | ||
|
cartsnitch-qa[bot]
|
76bcc53992 |
@@ -5,6 +5,7 @@ Sessions are verified by querying the shared sessions table directly.
|
||||
"""
|
||||
|
||||
from datetime import UTC, datetime
|
||||
from hashlib import sha256
|
||||
from uuid import UUID
|
||||
|
||||
from fastapi import Cookie, Depends, Header, HTTPException, Request, status
|
||||
@@ -27,10 +28,13 @@ async def _validate_session_token(token: str, db: AsyncSession) -> UUID:
|
||||
"""Validate a Better-Auth session token against the sessions table.
|
||||
|
||||
Returns the user_id (as UUID) if the session is valid and not expired.
|
||||
Better-Auth v1.5.6+ stores tokens as SHA-256 hashes, so we hash the
|
||||
incoming raw token before querying.
|
||||
"""
|
||||
hashed_token = sha256(token.encode("utf-8")).hexdigest()
|
||||
result = await db.execute(
|
||||
text("SELECT user_id, expires_at FROM sessions WHERE token = :token"),
|
||||
{"token": token},
|
||||
{"token": hashed_token},
|
||||
)
|
||||
row = result.first()
|
||||
|
||||
|
||||
+2
-2
@@ -35,7 +35,7 @@ export function useProduct(id: string) {
|
||||
export function usePriceHistory(productId: string) {
|
||||
return useQuery({
|
||||
queryKey: ['priceHistory', productId],
|
||||
queryFn: () => api.get<PriceHistory[]>(`/products/${productId}/price-history`),
|
||||
queryFn: () => api.get<PriceHistory[]>(`/products/${productId}/prices`),
|
||||
enabled: !!productId,
|
||||
})
|
||||
}
|
||||
@@ -50,6 +50,6 @@ export function useCoupons() {
|
||||
export function usePriceAlerts() {
|
||||
return useQuery({
|
||||
queryKey: ['priceAlerts'],
|
||||
queryFn: () => api.get<PriceAlert[]>('/price-alerts'),
|
||||
queryFn: () => api.get<PriceAlert[]>('/alerts'),
|
||||
})
|
||||
}
|
||||
|
||||
+2
-2
@@ -15,7 +15,7 @@ const mockRoutes: Record<string, (path: string) => unknown> = {
|
||||
'/purchases': () => mockPurchases,
|
||||
'/products': () => mockProducts,
|
||||
'/coupons': () => mockCoupons,
|
||||
'/price-alerts': () => mockAlerts,
|
||||
'/alerts': () => mockAlerts,
|
||||
}
|
||||
|
||||
function matchMockRoute<T>(path: string): T | null {
|
||||
@@ -30,7 +30,7 @@ function matchMockRoute<T>(path: string): T | null {
|
||||
}
|
||||
|
||||
// /products/:id/price-history
|
||||
const priceHistoryMatch = path.match(/^\/products\/(.+)\/price-history$/)
|
||||
const priceHistoryMatch = path.match(/^\/products\/(.+)\/prices$/)
|
||||
if (priceHistoryMatch) {
|
||||
return getMockPriceHistory(priceHistoryMatch[1]) as T
|
||||
}
|
||||
|
||||
@@ -61,5 +61,5 @@ export const handlers = [
|
||||
http.get('/api/v1/products', () => HttpResponse.json(mockProducts)),
|
||||
http.get('/api/v1/products/prod_1', () => HttpResponse.json(mockProducts[0])),
|
||||
http.get('/api/v1/coupons', () => HttpResponse.json(mockCoupons)),
|
||||
http.get('/api/v1/price-alerts', () => HttpResponse.json(mockAlerts)),
|
||||
http.get('/api/v1/alerts', () => HttpResponse.json(mockAlerts)),
|
||||
]
|
||||
|
||||
Reference in New Issue
Block a user