fix: resolve 7 audit issues - webhook tokens, cookie security, avatar save, TUI fallback, dead code, valkey default

This commit is contained in:
2026-06-30 13:29:34 -04:00
parent 6f43e4f3a0
commit 2caedc172b
9 changed files with 41 additions and 103 deletions
+3 -3
View File
@@ -143,10 +143,10 @@ func (h *Handler) Create(w http.ResponseWriter, r *http.Request) {
var avatar sql.NullString
var createdAt sql.NullString
err = h.db.QueryRowContext(r.Context(), `
INSERT INTO webhooks (channel_id, name, token, token_hash, avatar, created_by)
VALUES ($1, $2, $3, $4, $5, $6)
INSERT INTO webhooks (channel_id, name, token_hash, avatar, created_by)
VALUES ($1, $2, $3, $4, $5)
RETURNING id, channel_id, name, avatar, created_by, created_at::text
`, channelID, req.Name, token, tokenHash, req.Avatar, userID).Scan(
`, channelID, req.Name, tokenHash, req.Avatar, userID).Scan(
&wh.ID, &wh.ChannelID, &wh.Name, &avatar, &wh.CreatedBy, &createdAt,
)
if err != nil {