From c1451924d88d146c7dc00c01d8c5f248978001b2 Mon Sep 17 00:00:00 2001
From: pennae <github@quasiparticle.net>
Date: Sun, 17 Jul 2022 09:45:23 +0200
Subject: don't use SecretBytes in HawkKey/SecretKey

---
 src/api/auth/oauth.rs | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'src/api/auth/oauth.rs')

diff --git a/src/api/auth/oauth.rs b/src/api/auth/oauth.rs
index cb53b7c..6d2f700 100644
--- a/src/api/auth/oauth.rs
+++ b/src/api/auth/oauth.rs
@@ -394,8 +394,14 @@ async fn token_impl(
             let session_token = SecretBytes::generate();
             let session = SessionCredentials::derive(&session_token);
             let session_id = SessionID(session.token_id.0);
-            db.add_session(session_id.clone(), &user_id, HawkKey(session.req_hmac_key), true, None)
-                .await?;
+            db.add_session(
+                session_id.clone(),
+                &user_id,
+                HawkKey(session.req_hmac_key.0),
+                true,
+                None,
+            )
+            .await?;
             (Some(session_token.0), Some(SessionID(session.token_id.0)))
         } else {
             (None, None)
-- 
cgit v1.2.3