add safe read

This commit is contained in:
miloschwartz
2026-06-09 14:09:36 -07:00
parent d6634b6e8a
commit a3a45b4239

View File

@@ -17,8 +17,7 @@ import createHttpError from "http-errors";
import { z } from "zod"; import { z } from "zod";
import { fromError } from "zod-validation-error"; import { fromError } from "zod-validation-error";
import logger from "@server/logger"; import logger from "@server/logger";
import { sessions, sessionTransferToken } from "@server/db"; import { db, safeRead, sessions, sessionTransferToken } from "@server/db";
import { db } from "@server/db";
import { eq } from "drizzle-orm"; import { eq } from "drizzle-orm";
import { response } from "@server/lib/response"; import { response } from "@server/lib/response";
import { encodeHexLowerCase } from "@oslojs/encoding"; import { encodeHexLowerCase } from "@oslojs/encoding";
@@ -57,15 +56,19 @@ export async function transferSession(
sha256(new TextEncoder().encode(token)) sha256(new TextEncoder().encode(token))
); );
const [existing] = await db const result = await safeRead((db) =>
.select() db
.from(sessionTransferToken) .select()
.where(eq(sessionTransferToken.token, tokenRaw)) .from(sessionTransferToken)
.innerJoin( .where(eq(sessionTransferToken.token, tokenRaw))
sessions, .innerJoin(
eq(sessions.sessionId, sessionTransferToken.sessionId) sessions,
) eq(sessions.sessionId, sessionTransferToken.sessionId)
.limit(1); )
.limit(1)
);
const [existing] = result;
if (!existing) { if (!existing) {
return next( return next(