🐛 Bug fixes in auth factor endpoints

2025-06-06 00:55:20 +08:00 · 2025-06-06 00:55:20 +08:00 · aef6c60621
commit aef6c60621
parent b6aa0e83a3
1 changed files with 3 additions and 3 deletions
--- a/DysonNetwork.Sphere/Account/AccountCurrentController.cs
+++ b/DysonNetwork.Sphere/Account/AccountCurrentController.cs
@ -362,7 +362,7 @@ public class AccountCurrentController(
        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
        var factor = await db.AccountAuthFactors
-            .Where(f => f.AccountId == id && f.Id == id)
+            .Where(f => f.AccountId == currentUser.Id && f.Id == id)
            .FirstOrDefaultAsync();
        if (factor is null) return NotFound();
@ -384,7 +384,7 @@ public class AccountCurrentController(
        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
        var factor = await db.AccountAuthFactors
-            .Where(f => f.AccountId == id && f.Id == id)
+            .Where(f => f.AccountId == currentUser.Id && f.Id == id)
            .FirstOrDefaultAsync();
        if (factor is null) return NotFound();
@ -406,7 +406,7 @@ public class AccountCurrentController(
        if (HttpContext.Items["CurrentUser"] is not Account currentUser) return Unauthorized();
        var factor = await db.AccountAuthFactors
-            .Where(f => f.AccountId == id && f.Id == id)
+            .Where(f => f.AccountId == currentUser.Id && f.Id == id)
            .FirstOrDefaultAsync();
        if (factor is null) return NotFound();