k1nq/TREK
1
0
Fork 0
mirror of https://github.com/mauriceboe/TREK.git synced 2026-06-22 06:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(oauth): select ot.user_id instead of u.id in getUserByAccessToken

Browse Source 
u.id was returned by SQLite as `id` but the code read `row.user_id`,
which was undefined. This caused all MCP calls to resolve userId as
undefined, making list_trips return empty and canAccessTrip deny all
access when authenticated via OAuth 2.1.
This commit is contained in:
jubnl
2026-04-09 23:59:01 +02:00
parent 5b44fe68b1
commit 41f1dd9ce5
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/src/services/oauthService.ts
+1 -1
View File
@@ -276,7 +276,7 @@ export function getUserByAccessToken(rawToken: string): OAuthTokenInfo | null {
const hash = hashToken(rawToken); const hash = hashToken(rawToken);
const row = db.prepare(` const row = db.prepare(`
SELECT ot.scopes, ot.revoked_at, ot.access_token_expires_at, SELECT ot.scopes, ot.revoked_at, ot.access_token_expires_at,
u.id, u.username, u.email, u.role ot.user_id, u.username, u.email, u.role
FROM oauth_tokens ot FROM oauth_tokens ot
JOIN users u ON ot.user_id = u.id JOIN users u ON ot.user_id = u.id
WHERE ot.access_token_hash = ? WHERE ot.access_token_hash = ?