From b19a2b9a662fc8036fb1483c1efba9142ad30f6b Mon Sep 17 00:00:00 2001
From: elraphty <elraphtyofficial@gmail.com>
Date: Fri, 5 Apr 2024 16:59:01 +0100
Subject: [PATCH] added mutex lock on Ask function to avoid race condition

---
 db/store.go | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/db/store.go b/db/store.go
index f27874682..924ff0eb5 100644
--- a/db/store.go
+++ b/db/store.go
@@ -8,6 +8,7 @@ import (
 	"io"
 	"net/http"
 	"strconv"
+	"sync"
 	"time"
 
 	"github.com/go-chi/chi"
@@ -132,9 +133,12 @@ func (s StoreData) GetChallengeCache(key string) (string, error) {
 }
 
 func Ask(w http.ResponseWriter, r *http.Request) {
+	var m sync.Mutex
+	m.Lock()
+
 	ts := strconv.Itoa(int(time.Now().Unix()))
 	h := []byte(ts)
-	// h := blake2b.Sum256([]byte(ts))
+
 	challenge := base64.URLEncoding.EncodeToString(h[:])
 
 	Store.SetChallengeCache(challenge, ts)
@@ -144,6 +148,8 @@ func Ask(w http.ResponseWriter, r *http.Request) {
 		"challenge": challenge,
 		"ts":        ts,
 	})
+
+	m.Unlock()
 }
 
 type VerifyPayload struct {