controllers/token: Move name check outside of spawn_blocking() ca…

…llback (#9574)
rust-lang · Oct 4, 2024 · d15cf42 · d15cf42
1 parent 2e5a4fe
commit d15cf42
Showing 1 changed file with 6 additions and 7 deletions.
diff --git a/src/controllers/token.rs b/src/controllers/token.rs
@@ -86,15 +86,14 @@ pub async fn new(
     parts: Parts,
     Json(new): Json<NewApiTokenRequest>,
 ) -> AppResult<Json<Value>> {
+    if new.api_token.name.is_empty() {
+        return Err(bad_request("name must have a value"));
+    }
+
     let conn = app.db_write().await?;
     spawn_blocking(move || {
         let conn: &mut AsyncConnectionWrapper<_> = &mut conn.into();
 
-        let name = &new.api_token.name;
-        if name.is_empty() {
-            return Err(bad_request("name must have a value"));
-        }
-
         let auth = AuthCheck::default().check(&parts, conn)?;
         if auth.api_token_id().is_some() {
             return Err(bad_request(
@@ -141,15 +140,15 @@ pub async fn new(
         let api_token = ApiToken::insert_with_scopes(
             conn,
             user.id,
-            name,
+            &new.api_token.name,
             crate_scopes,
             endpoint_scopes,
             new.api_token.expired_at,
         )?;
 
         if let Some(recipient) = recipient {
             let email = NewTokenEmail {
-                token_name: name,
+                token_name: &new.api_token.name,
                 user_name: &user.gh_login,
                 domain: &app.emails.domain,
             };