Delete redis store after retrieval. Fixes #3

2019-06-19 16:56:31 +08:00 · 2019-06-19 16:56:31 +08:00 · a057533c3c
parent 44c804061d
commit a057533c3c
2 changed files with 30 additions and 0 deletions
--- a/BIN
+++ b/BIN
--- a/main.go
+++ b/main.go
@ -200,6 +200,14 @@ func VerifyCode(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
 		return
  }

+  // Delete nonce
+  _, err = redisClient.Del(req.Code + "nonce").Result()
+  if err != nil {
+    http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
+		return
+  }
+
+  // Check nonce
  if req.Nonce != storedNonce {
    http.Error(w, http.StatusText(http.StatusNotFound), http.StatusNotFound)
 		return
@ -212,6 +220,13 @@ func VerifyCode(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
 		return
  }

+  // Delete stored phone number
+  _, err = redisClient.Del(req.Code + "phone").Result()
+  if err != nil {
+    http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
+		return
+  }
+
  // Generate (potential) User ID
  userHex, err := RandomHex()
  if err != nil {
@ -289,11 +304,26 @@ func CreateUser(w http.ResponseWriter, r *http.Request, p httprouter.Params) {
 		return
  }

+  // Delete nonce
+  _, err = redisClient.Del(code + "nonce").Result()
+  if err != nil {
+    http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
+		return
+  }
+
+  // Check nonce
  if nonce != storedNonce {
    http.Error(w, http.StatusText(http.StatusUnauthorized), http.StatusUnauthorized)
 		return
  }

+  // Delete phone number
+  _, err = redisClient.Del(code + "phone").Result()
+  if err != nil {
+    http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)
+		return
+  }
+
  proxyReq, err := http.NewRequest(r.Method, coreURL, r.Body)
  if err != nil {
    http.Error(w, http.StatusText(http.StatusInternalServerError), http.StatusInternalServerError)