Merge branch 'master' into paskal/pngcrush

umputun · Sep 28, 2022 · 389cce0 · 389cce0
2 parents ea1c268 + 372429a
commit 389cce0
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/backend/app/cmd/server.go b/backend/app/cmd/server.go
@@ -1107,7 +1107,7 @@ func (s *ServerCommand) getAuthenticator(ds *service.DataStore, avas avatar.Stor
 		SameSiteCookie: s.parseSameSite(s.Auth.SameSite),
 		SecureCookies:  strings.HasPrefix(s.RemarkURL, "https://"),
 		SecretReader: token.SecretFunc(func(aud string) (string, error) { // get secret per site
-			return admns.Key("")
+			return admns.Key(aud)
 		}),
 		ClaimsUpd: token.ClaimsUpdFunc(func(c token.Claims) token.Claims { // set attributes, on new token or refresh
 			if c.User == nil {

diff --git a/backend/app/store/service/service.go b/backend/app/store/service/service.go
@@ -981,9 +981,9 @@ func (s *DataStore) prepVotes(c store.Comment, user store.User) store.Comment {
 }
 
 // get secret for given siteID
-// Note: secret shared across sites, but some sites can be disabled.
+// Note: siteID ignored for the default admin.Static store
 func (s *DataStore) getSecret(siteID string) (secret string, err error) {
-	if secret, err = s.AdminStore.Key("any"); err != nil {
+	if secret, err = s.AdminStore.Key(siteID); err != nil {
 		return "", fmt.Errorf("can't get secret for site %s: %w", siteID, err)
 	}