🛂 Clear auth context cache when logout for security

2025-03-29 15:32:20 +08:00
parent cc7c96311f
commit 7389f70128
4 changed files with 9 additions and 3 deletions
--- a/pkg/internal/services/auth.go
+++ b/pkg/internal/services/auth.go
@@ -31,7 +31,7 @@ func Authenticate(sessionId uint) (ctx models.AuthTicket, perms map[string]any,
 }

 func KgAuthContextCache(sessionId uint) string {
-	return fmt.Sprintf("auth-context#%d", sessionId)
+	return cachekit.FKey("auth-context", sessionId)
 }

 func GetAuthContext(sessionId uint) (models.AuthTicket, error) {
@@ -59,7 +59,6 @@ func CacheAuthContext(sessionId uint) (models.AuthTicket, error) {
 	var ticket models.AuthTicket
 	if err := database.C.
 		Where("id = ?", sessionId).
-		Preload("Account").
 		First(&ticket).Error; err != nil {
 		return ticket, fmt.Errorf("invalid auth ticket: %v", err)
 	} else if err := ticket.IsAvailable(); err != nil {