Allow impersonating users via the api token, bypassing oauth

2022-10-18 17:36:54 -07:00 · 2022-10-18 17:36:54 -07:00 · c410935c9c
commit c410935c9c
parent 5e57a33df7
5 changed files with 98 additions and 35 deletions
--- a/crates/collab/src/api.rs
+++ b/crates/collab/src/api.rs
@ -88,7 +88,7 @@ pub async fn validate_api_token<B>(req: Request<B>, next: Next<B>) -> impl IntoR

 #[derive(Debug, Deserialize)]
 struct AuthenticatedUserParams {
-    github_user_id: i32,
+    github_user_id: Option<i32>,
    github_login: String,
 }

@ -104,7 +104,7 @@ async fn get_authenticated_user(
 ) -> Result<Json<AuthenticatedUserResponse>> {
    let user = app
        .db
-        .get_user_by_github_account(&params.github_login, Some(params.github_user_id))
+        .get_user_by_github_account(&params.github_login, params.github_user_id)
        .await?
        .ok_or_else(|| Error::Http(StatusCode::NOT_FOUND, "user not found".into()))?;
    let metrics_id = app.db.get_user_metrics_id(user.id).await?;