Open 0xPenryn opened 1 week ago
lgtm 👍
@0xPenryn this change makes sense, but if two requests are sent concurrently I'm not sure this change will suffice to fix the underlying issue. Would it make sense to add a row-level DB lock for more robustness?
cc @m1guelpf might be worth getting your input, IIRC you implemented something similar to prevent verify race conditions
Uses one atomic GraphQL mutation to return and delete the
auth_code
when accessing the OIDC/token
endpoint.Not yet tested.