From aef6c6062113e9818818143f452ed29631c8e2fd Mon Sep 17 00:00:00 2001 From: LittleSheep Date: Fri, 6 Jun 2025 00:55:20 +0800 Subject: [PATCH] :bug: Bug fixes in auth factor endpoints --- DysonNetwork.Sphere/Account/AccountCurrentController.cs | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/DysonNetwork.Sphere/Account/AccountCurrentController.cs b/DysonNetwork.Sphere/Account/AccountCurrentController.cs index 28103fb..966606f 100644 --- a/DysonNetwork.Sphere/Account/AccountCurrentController.cs +++ b/DysonNetwork.Sphere/Account/AccountCurrentController.cs @@ -362,7 +362,7 @@ public class AccountCurrentController( if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized(); var factor = await db.AccountAuthFactors - .Where(f => f.AccountId == id && f.Id == id) + .Where(f => f.AccountId == currentUser.Id && f.Id == id) .FirstOrDefaultAsync(); if (factor is null) return NotFound(); @@ -384,7 +384,7 @@ public class AccountCurrentController( if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized(); var factor = await db.AccountAuthFactors - .Where(f => f.AccountId == id && f.Id == id) + .Where(f => f.AccountId == currentUser.Id && f.Id == id) .FirstOrDefaultAsync(); if (factor is null) return NotFound(); @@ -406,7 +406,7 @@ public class AccountCurrentController( if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized(); var factor = await db.AccountAuthFactors - .Where(f => f.AccountId == id && f.Id == id) + .Where(f => f.AccountId == currentUser.Id && f.Id == id) .FirstOrDefaultAsync(); if (factor is null) return NotFound();