From 73df848f11da24f10eb847dafc68f7473c66e875 Mon Sep 17 00:00:00 2001
From: Sainan
Date: Sun, 19 Jan 2025 01:58:35 +0100
Subject: [PATCH] chore: optimise getAccountIdForRequest (#814)
---
src/services/loginService.ts | 16 +++++++++++++++-
1 file changed, 15 insertions(+), 1 deletion(-)
diff --git a/src/services/loginService.ts b/src/services/loginService.ts
index 0e7fa5d4..7d1a7dd5 100644
--- a/src/services/loginService.ts
+++ b/src/services/loginService.ts
@@ -71,7 +71,21 @@ export const getAccountForRequest = async (req: Request): Promise => {
- return (await getAccountForRequest(req))._id.toString();
+ if (!req.query.accountId) {
+ throw new Error("Request is missing accountId parameter");
+ }
+ if (!req.query.nonce || parseInt(req.query.nonce as string) === 0) {
+ throw new Error("Request is missing nonce parameter");
+ }
+ if (
+ !(await Account.exists({
+ _id: req.query.accountId,
+ Nonce: req.query.nonce
+ }))
+ ) {
+ throw new Error("Invalid accountId-nonce pair");
+ }
+ return req.query.accountId as string;
 };
 export const isAdministrator = (account: TAccountDocument): boolean => {
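Review bot: `req.query.accountId` and `req.query.nonce` reach the `Account.exists` filter without a runtime type check; the `as string` casts are compile-time only, and Express's query parser can return an array or a nested object, which Mongoose may interpret as a query operator rather than a literal value to match. Since this function is the authentication gate for the request, I would require both to be strings before the lookup, `if (typeof req.query.accountId !== "string" || typeof req.query.nonce !== "string") throw new Error("Invalid accountId or nonce");`, and, if `Nonce` is numeric in the schema as the `parseInt` check suggests, query with the parsed value (`Nonce: parseInt(req.query.nonce, 10)`) after rejecting `NaN`. The existing `parseInt(...) === 0` test does not cover this, because a non-string or non-numeric value parses to `NaN` and passes it. Whether the app's query-parser setting or Mongoose's `sanitizeFilter` already blocks object values is not visible in this patch, and the function's signature line is not intact in this view.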