From 0717dc80eddab0d07ca68302975bdecde34bf327 Mon Sep 17 00:00:00 2001 From: Zaptoss Date: Tue, 18 Jun 2024 17:41:23 +0300 Subject: [PATCH] Fix auth in create balance. Fix points and level accruing after claim. --- internal/service/handlers/claim_event.go | 2 -- internal/service/handlers/create_balance.go | 6 ++++++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/internal/service/handlers/claim_event.go b/internal/service/handlers/claim_event.go index 30eab5d..d326d64 100644 --- a/internal/service/handlers/claim_event.go +++ b/internal/service/handlers/claim_event.go @@ -165,8 +165,6 @@ func DoClaimEventUpdates( if err = referralsQ.New().Insert(refToAdd...); err != nil { return fmt.Errorf("failed to insert referrals: %w", err) } - - return nil } err = balancesQ.FilterByNullifier(balance.Nullifier).Update(map[string]any{ diff --git a/internal/service/handlers/create_balance.go b/internal/service/handlers/create_balance.go index 1e85a64..7303837 100644 --- a/internal/service/handlers/create_balance.go +++ b/internal/service/handlers/create_balance.go @@ -5,6 +5,7 @@ import ( "fmt" "net/http" + "github.com/rarimo/decentralized-auth-svc/pkg/auth" "github.com/rarimo/rarime-points-svc/internal/data" "github.com/rarimo/rarime-points-svc/internal/data/evtypes" "github.com/rarimo/rarime-points-svc/internal/service/requests" @@ -21,6 +22,11 @@ func CreateBalance(w http.ResponseWriter, r *http.Request) { nullifier := req.Data.ID + if !auth.Authenticates(UserClaims(r), auth.UserGrant(nullifier)) { + ape.RenderErr(w, problems.Unauthorized()) + return + } + balance, err := BalancesQ(r).FilterByNullifier(nullifier).Get() if err != nil { Log(r).WithError(err).Error("Failed to get balance by nullifier")