From 7c437fabf3fa3285b7ccfaee7a1e8cd28248e97a Mon Sep 17 00:00:00 2001 From: Anshuman Tripathi Date: Sat, 28 Feb 2026 00:15:01 +0530 Subject: [PATCH] fix: corrected service reference (#2559) --- .../src/routers/user-protected/change-username.js | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/src/backend/src/routers/user-protected/change-username.js b/src/backend/src/routers/user-protected/change-username.js index 03d06383a..6917974d8 100644 --- a/src/backend/src/routers/user-protected/change-username.js +++ b/src/backend/src/routers/user-protected/change-username.js @@ -46,27 +46,31 @@ module.exports = { } const svc_edgeRateLimit = req.services.get('edge-rate-limit'); - if ( ! svc_edgeRateLimit.check('change-username-start') ) { + if ( ! svc_edgeRateLimit.check('/user-protected/change-username') ) { return res.status(429).send('Too many requests.'); } const db = Context.get('services').get('database').get(DB_WRITE, 'auth'); - const rows = await db.read('SELECT COUNT(*) AS `count` FROM `user_update_audit` ' + + const rows = await db.read( + 'SELECT COUNT(*) AS `count` FROM `user_update_audit` ' + `WHERE \`user_id\`=? AND \`reason\`=? AND ${ db.case({ mysql: '`created_at` > DATE_SUB(NOW(), INTERVAL 1 MONTH)', sqlite: "`created_at` > datetime('now', '-1 month')", })}`, - [user.id, 'change_username']); + [user.id, 'change_username'], + ); if ( rows[0].count >= (config.max_username_changes ?? 2) ) { throw APIError.create('too_many_username_changes'); } - await db.write('INSERT INTO `user_update_audit` ' + + await db.write( + 'INSERT INTO `user_update_audit` ' + '(`user_id`, `user_id_keep`, `old_username`, `new_username`, `reason`) ' + 'VALUES (?, ?, ?, ?, ?)', - [user.id, user.id, user.username, new_username, 'change_username']); + [user.id, user.id, user.username, new_username, 'change_username'], + ); await change_username(user.id, new_username);