Update tokens.cr

2025-04-20 15:45:46 -04:00 · 2023-06-13 15:50:12 -07:00 · 2023-06-13 15:50:12 -07:00 · 42f484f733
commit 42f484f733
parent d51546a56b
1 changed files with 3 additions and 3 deletions
--- a/src/invidious/helpers/tokens.cr
+++ b/src/invidious/helpers/tokens.cr
@ -87,10 +87,10 @@ def validate_request(token, session, request, key, locale = nil)

  scopes = token["scopes"].as_a.map(&.as_s)
  scope = ""
-  if scopes.includes?("::")
-    scope = "#{request.method}::#{request.path.lchop("/api/v1/").lstrip("/")}"
-  else
+  if request.path.includes?("auth")
    scope = "#{request.method}:#{request.path.lchop("/api/v1/auth/").lstrip("/")}"
+  else
+    scope = "#{request.method}::#{request.path.lchop("/api/v1/").lstrip("/")}"
  end
  if !scopes_include_scope(scopes, scope)
    raise InfoException.new("Invalid scope")