swap user id and secret to stop jumpscaring users

2023-04-07 00:41:01 +01:00
parent b5cfb959ad
commit 84a8646b8e
1 changed files with 5 additions and 5 deletions
@@ -58,8 +58,8 @@ func requireAuth(c *fiber.Ctx) error {
 	}
 	// decode base64 token and split by:
-	// token[0] = username
+	// token[0] = secret
-	// token[1] = password
+	// token[1] = user id
 	token, err := base64.StdEncoding.DecodeString(authToken)
 	if err != nil {
@@ -77,8 +77,8 @@ func requireAuth(c *fiber.Ctx) error {
 		})
 	}
-	userId := tokenSplit[0]
+	secret := tokenSplit[0]
-	secret := tokenSplit[1]
+	userId := tokenSplit[1]
 	storedSecret, err := rdb.Get(c.Context(), "secrets:"+hash(os.Getenv("PEPPER_SECRETS")+userId)).Result()