IntersectMBO / govtool

🔩 GovTool and utilities monorepo.
https://gov.tools
Apache License 2.0

🐛 API Allows Multiple Votes on the Same Proposal Poll #2356

Open kneerose opened 1 week ago

kneerose commented 1 week ago

Area

Proposal Pillar

Domain

dev-sanchogov.tools

Which wallet were you using?

No response

Context

Users can submit multiple votes on the same proposal poll through CURL, bypassing UI restrictions.

Steps to reproduce

  1. Connect to the wallet.
  2. Navigate to any proposal with a poll (e.g., https://dev-sanchonet.govtool.byron.network/proposal_discussion/2061).
  3. Submit a vote on the poll.
  4. Copy the network request for the vote as a CURL command.
  5. Paste and execute the CURL command in the terminal.
  6. Observe that the same proposal can be voted on multiple times using this method.

Actual behavior

The API accepts multiple votes on the same proposal when submitted through CURL, even though the UI prevents duplicate submissions.

https://www.loom.com/share/c05063dca7c1496f9a5905ea7dacc3c0?sid=ca3933e2-fc00-41d3-a61f-08d34f63f3c2

Expected behavior

The API should reject multiple votes on the same proposal when using the same authentication.

nebojsajsimic commented 1 week ago

This issue is fixed; after deployment you can test.

kneerose commented 1 week ago

@nebojsajsimic I was unable to test it. Did the backend go down? Also, I am unable to verify my identity.

kneerose commented 3 days ago

CC: @bosko-m
Based on the provided response, the issue now appears to be resolved.
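Added example, not part of the thread and not GovTool's code: one way to enforce the expected behavior server-side is a uniqueness constraint on (poll, user), so a replayed vote request is rejected no matter which client sends it. The table name, column names, choice values and status codes are assumptions made for illustration.

```python
import sqlite3

# Hypothetical schema: the UNIQUE constraint is the actual control. A check
# made only in the UI, or a SELECT-then-INSERT in the handler, can be bypassed
# or raced; the database constraint cannot.
SCHEMA = """
CREATE TABLE poll_votes (
    poll_id INTEGER NOT NULL,
    user_id TEXT    NOT NULL,
    choice  TEXT    NOT NULL CHECK (choice IN ('yes', 'no')),
    UNIQUE (poll_id, user_id)
);
"""


def open_db():
    """Create an in-memory database with the hypothetical vote table."""
    conn = sqlite3.connect(":memory:")
    conn.execute(SCHEMA)
    return conn


def cast_vote(conn, poll_id, session_user, choice):
    """Record a vote and return (http_status, message).

    session_user must come from the authenticated session, never from the
    request body, so a replayed request cannot vote under another identity.
    """
    try:
        with conn:  # commits on success, rolls back on error
            conn.execute(
                "INSERT INTO poll_votes (poll_id, user_id, choice) VALUES (?, ?, ?)",
                (poll_id, session_user, choice),
            )
    except sqlite3.IntegrityError as exc:
        if "UNIQUE" in str(exc):
            return 409, "already voted"   # duplicate or replayed request
        return 400, "invalid vote"        # failed the CHECK constraint
    return 201, "vote recorded"


def tally(conn, poll_id):
    """Return {choice: count} for one poll."""
    rows = conn.execute(
        "SELECT choice, COUNT(*) FROM poll_votes WHERE poll_id = ? GROUP BY choice",
        (poll_id,),
    ).fetchall()
    return dict(rows)
```
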