Auth against the correct code this time

This commit is contained in:
Halgari 2023-02-23 22:40:09 -07:00
parent 59126d1f25
commit 18afc46e5e

View File

@ -86,9 +86,7 @@ public class ApiKeyAuthenticationHandler : AuthenticationHandler<ApiKeyAuthentic
if (authorKey != null)
{
if (await _tarLog.Contains(authorKey))
return AuthenticateResult.Fail("Banned author key");
var owner = await _authorKeys.AuthorForKey(authorKey);
if (owner == null)
{
@ -100,6 +98,9 @@ public class ApiKeyAuthenticationHandler : AuthenticationHandler<ApiKeyAuthentic
owner = "github/" + ghUser.Login;
}
if (await _tarLog.Contains(owner))
return AuthenticateResult.Fail("Banned author key");
var claims = new List<Claim> {new(ClaimTypes.Name, owner)};
claims.Add(new Claim(ClaimTypes.Role, "Author"));