diff options
| author | Fuwn <[email protected]> | 2026-04-18 09:14:18 +0000 |
|---|---|---|
| committer | Fuwn <[email protected]> | 2026-04-18 09:14:18 +0000 |
| commit | 9e0b7f75c58206fbff1b57a1a7b5405df89efccb (patch) | |
| tree | 2135ad429c98b803e86dd8c6f739c41c81da6495 | |
| parent | fix(api): drop unused redirect query param from oauth refresh (diff) | |
| download | due.moe-9e0b7f75c58206fbff1b57a1a7b5405df89efccb.tar.xz due.moe-9e0b7f75c58206fbff1b57a1a7b5405df89efccb.zip | |
fix(api): await setShadowHidden in badges PUT
setShadowHidden is async and hits Supabase. The PUT handler called it
without await, so the handler could respond before the database write
landed (and any error was silently lost). Add the missing await so the
response only goes out after the update settles.
| -rw-r--r-- | src/routes/api/badges/+server.ts | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/routes/api/badges/+server.ts b/src/routes/api/badges/+server.ts index a4d4ba93..46b98cbc 100644 --- a/src/routes/api/badges/+server.ts +++ b/src/routes/api/badges/+server.ts @@ -77,7 +77,10 @@ export const PUT = async ({ cookies, url, request }) => { const authorised = privilegedUser(identity.id); if (url.searchParams.get("shadowHide")) - setShadowHidden(Number(url.searchParams.get("shadowHide")), authorised); + await setShadowHidden( + Number(url.searchParams.get("shadowHide")), + authorised, + ); if (url.searchParams.get("import") || undefined) { const importedBadges = await decodeRequestJsonOrThrow( |