Dokploy/dokploy
1
0
Fork 0
mirror of https://github.com/Dokploy/dokploy.git synced 2026-06-15 20:25:23 +02:00
Code Issues Packages Projects Releases Wiki Activity

fix: update API key deletion authorization check

Browse Source 
- Changed the authorization check for deleting an API key to use referenceId instead of userId, ensuring proper validation against the current user's ID.
This commit is contained in:
Mauricio Siu
2026-03-18 16:33:19 -06:00
parent 72974e00a6
commit d0c92d84ef
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
apps/dokploy/server/api/routers/user.ts
View File

@@ -465,7 +465,7 @@ export const userRouter = createTRPCRouter({
}); });
} }
if (apiKeyToDelete.userId !== ctx.user.id) { if (apiKeyToDelete.referenceId !== ctx.user.id) {
throw new TRPCError({ throw new TRPCError({
code: "UNAUTHORIZED", code: "UNAUTHORIZED",
message: "You are not authorized to delete this API key", message: "You are not authorized to delete this API key",