Move hashing outside of transaction

2026-06-27 01:29:14 +00:00 · 2026-06-26 14:40:39 -04:00
parent 35dffe71cb
commit ea3f1c341b
2 changed files with 19 additions and 17 deletions
--- a/server/routers/policy/setResourcePolicyHeaderAuth.ts
+++ b/server/routers/policy/setResourcePolicyHeaderAuth.ts
@@ -76,6 +76,15 @@ export async function setResourcePolicyHeaderAuth(
        const { resourcePolicyId } = parsedParams.data;
        const { headerAuth } = parsedBody.data;

+        const headerAuthHash =
+            headerAuth !== null
+                ? await hashPassword(
+                      Buffer.from(
+                          `${headerAuth.user}:${headerAuth.password}`
+                      ).toString("base64")
+                  )
+                : null;
+
        await db.transaction(async (trx) => {
            await trx
                .delete(resourcePolicyHeaderAuth)
@@ -86,13 +95,7 @@ export async function setResourcePolicyHeaderAuth(
                    )
                );

-            if (headerAuth !== null) {
-                const headerAuthHash = await hashPassword(
-                    Buffer.from(
-                        `${headerAuth.user}:${headerAuth.password}`
-                    ).toString("base64")
-                );
-
+            if (headerAuth !== null && headerAuthHash !== null) {
                await trx.insert(resourcePolicyHeaderAuth).values({
                    resourcePolicyId,
                    headerAuthHash,
--- a/server/routers/resource/setResourceHeaderAuth.ts
+++ b/server/routers/resource/setResourceHeaderAuth.ts
@@ -107,6 +107,13 @@ export async function setResourceHeaderAuth(
            resource.resourcePolicyId === null &&
            resource.defaultResourcePolicyId !== null;

+        const headerAuthHash =
+            user && password && extendedCompatibility !== null
+                ? await hashPassword(
+                      Buffer.from(`${user}:${password}`).toString("base64")
+                  )
+                : null;
+
        await db.transaction(async (trx) => {
            if (isInlinePolicy) {
                const policyId = resource.defaultResourcePolicyId!;
@@ -116,11 +123,7 @@ export async function setResourceHeaderAuth(
                        eq(resourcePolicyHeaderAuth.resourcePolicyId, policyId)
                    );

-                if (user && password && extendedCompatibility !== null) {
-                    const headerAuthHash = await hashPassword(
-                        Buffer.from(`${user}:${password}`).toString("base64")
-                    );
-
+                if (headerAuthHash !== null && extendedCompatibility !== null) {
                    await trx.insert(resourcePolicyHeaderAuth).values({
                        resourcePolicyId: policyId,
                        headerAuthHash,
@@ -140,11 +143,7 @@ export async function setResourceHeaderAuth(
                        )
                    );

-                if (user && password && extendedCompatibility !== null) {
-                    const headerAuthHash = await hashPassword(
-                        Buffer.from(`${user}:${password}`).toString("base64")
-                    );
-
+                if (headerAuthHash !== null && extendedCompatibility !== null) {
                    await Promise.all([
                        trx
                            .insert(resourceHeaderAuth)