BUGFIX: new user creation

2026-02-04 02:25:30 +00:00 · 2026-01-19 17:21:02 +01:00
parent 3017d4164b
commit 490738810b
3 changed files with 23 additions and 26 deletions
--- a/controllers/user_management_access.go
+++ b/controllers/user_management_access.go
@@ -71,7 +71,7 @@ func (p *UserManagementAccessPage) GET(engine *templating.Engine, app core.App)
 		// TODO: check if access token exists, if not generate
 		data := make(map[string]any)
 		data["role"] = role
-		data["access_url"] = "https://musenalm.de" + path_access + "?token=" + access_token.Token()
+		data["access_url"] = e.Request.Host + path_access + "?token=" + access_token.Token()
 		data["relative_url"] = path_access + "?token=" + access_token.Token()
 		data["validUntil"] = access_token.Expires().Time().Local().Format("02.01.2006 15:04")
@@ -117,7 +117,7 @@ func (p *UserManagementAccessPage) POST(engine *templating.Engine, app core.App)
 		data := make(map[string]any)
 		data["role"] = role
-		data["access_url"] = "https://musenalm.de" + path_access + "?token=" + token.Token()
+		data["access_url"] = e.Request.Host + path_access + "?token=" + token.Token()
 		data["relative_url"] = path_access + "?token=" + token.Token()
 		data["validUntil"] = token.Expires().Time().Format("02.01.2006 15:04")
 		data["csrf_token"] = req.Session().Token
--- a/dbmodels/queries.go
+++ b/dbmodels/queries.go
@@ -187,13 +187,13 @@ func Images_KeyPrefix(app core.App, prefix string) ([]*Image, error) {
 }
 func AccessTokens_Token(app core.App, token string) (*AccessToken, error) {
-	t := HashStringSHA256(token)
+	ret, err := TableByField[AccessToken](
 	return TableByField[*AccessToken](
 		app,
 		ACCESS_TOKENS_TABLE,
 		ACCESS_TOKENS_TOKEN_FIELD,
-		t,
+		token,
 	)
 	return &ret, err
 }
 func Users_Email(app core.App, email string) (*User, error) {
--- a/middleware/authenticated.go
+++ b/middleware/authenticated.go
@@ -25,6 +25,24 @@ func Authenticated(app core.App) func(*core.RequestEvent) error {
 			return e.Next()
 		}
 		token := e.Request.URL.Query().Get("token")
 		if token != "" {
 			a, err := dbmodels.AccessTokens_Token(app, token)
 			if err != nil {
 				slog.Error("Failed to find access token", "token", token, "error", err)
 			} else {
 				if a.User() != "" {
 					u, err := dbmodels.Users_ID(app, a.User())
 					if err != nil {
 						slog.Error("Failed to find access token user", "user", a.User(), "error", err)
 					} else {
 						e.Set("access_token_user", u.Fixed())
 					}
 				}
 				e.Set("access_token", a.Fixed())
 			}
 		}
 		cookie, err := e.Request.Cookie(dbmodels.SESSION_COOKIE_NAME)
 		if err != nil {
 			return e.Next()
@@ -73,27 +91,6 @@ func Authenticated(app core.App) func(*core.RequestEvent) error {
 		e.Set("user", user)
 		e.Set("session", session)
 		token := e.Request.URL.Query().Get("token")
 		if token != "" {
 			a, err := dbmodels.AccessTokens_Token(app, token)
 			if err != nil {
 				slog.Error("Failed to find access token", "token", token, "error", err)
 				return e.Next()
 			}
 			if a.User() != "" {
 				u, err := dbmodels.Users_ID(app, a.User())
 				if err != nil {
 					slog.Error("Failed to find access token user", "user", a.User(), "error", err)
 					return e.Next()
 				}
 				e.Set("access_token_user", u.Fixed())
 			}
 			e.Set("access_token", a.Fixed())
 		}
 		return e.Next()
 	}
 }