From 40a30d46af7d3fabd0dbfbf2985194317059e231 Mon Sep 17 00:00:00 2001
From: boojack
Date: Sat, 15 Jul 2023 10:26:19 +0800
Subject: [PATCH] chore: update db connection params (#1960)
---
 api/v1/jwt.go | 4 +++-
 api/v1/system.go | 1 +
 server/server.go | 4 ++--
 store/db/db.go | 2 +-
 4 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/api/v1/jwt.go b/api/v1/jwt.go
index a3e7e4d6..d45211fb 100644
--- a/api/v1/jwt.go
+++ b/api/v1/jwt.go
@@ -113,12 +113,13 @@ func JWTMiddleware(server *APIV1Service, next echo.HandlerFunc, secret string) e
 })
 if !accessToken.Valid {
+ auth.RemoveTokensAndCookies(c)
 return echo.NewHTTPError(http.StatusUnauthorized, "Invalid access token.")
 }
-
 if !audienceContains(claims.Audience, auth.AccessTokenAudienceName) {
 return echo.NewHTTPError(http.StatusUnauthorized, fmt.Sprintf("Invalid access token, audience mismatch, got %q, expected %q.", claims.Audience, auth.AccessTokenAudienceName))
 }
+
 generateToken := time.Until(claims.ExpiresAt.Time) < auth.RefreshThresholdDuration
 if err != nil {
 var ve *jwt.ValidationError
@@ -129,6 +130,7 @@ func JWTMiddleware(server *APIV1Service, next echo.HandlerFunc, secret string) e
 generateToken = true
 }
 } else {
+ auth.RemoveTokensAndCookies(c)
 return echo.NewHTTPError(http.StatusUnauthorized, errors.Wrap(err, "Invalid or expired access token"))
 }
 }
diff --git a/api/v1/system.go b/api/v1/system.go
index 4d6b2da9..bdf88fb7 100644
--- a/api/v1/system.go
+++ b/api/v1/system.go
@@ -77,6 +77,7 @@ func (s *APIV1Service) registerSystemRoutes(g *echo.Group) {
 // data desensitize
 systemStatus.Host.OpenID = ""
 systemStatus.Host.Email = ""
+ systemStatus.Host.AvatarURL = ""
 }
 systemSettingList, err := s.Store.ListSystemSettings(ctx, &store.FindSystemSetting{})
diff --git a/server/server.go b/server/server.go
index 30e4c711..bd6fe057 100644
--- a/server/server.go
+++ b/server/server.go
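Review bot: The audience-mismatch return in the first api/v1/jwt.go hunk still answers 401 without clearing the session, while the `!accessToken.Valid` branch above it and the `else` branch in the second hunk now call `auth.RemoveTokensAndCookies(c)`. A client holding a token minted for a different audience will keep presenting the same cookie and keep being rejected; adding `auth.RemoveTokensAndCookies(c)` as the first line of that branch makes the three rejection paths consistent. It is also worth confirming that the early return on `!accessToken.Valid` does not preempt the expired-token handling visible further down (`generateToken = true`), since clearing the cookies at that point would presumably discard the refresh token as well. JWTMiddleware starts and ends outside both hunks, so the token parsing and the refresh logic cannot be checked from here.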
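Review bot: The desensitize block in api/v1/system.go is a deny-list: `AvatarURL` was exposed until this commit blanked it, and any field later added to the host record will be exposed the same way until someone remembers to clear it here. Consider building the response from only the fields meant to be public, or at least stating the contract in a comment such as `// Deny-list: every non-public field of Host must be cleared here before systemStatus is returned.` The condition guarding this block and the rest of the handler are outside the hunk, so which callers receive the unredacted record cannot be confirmed from the visible lines.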
@@ -75,7 +75,7 @@ func NewServer(ctx context.Context, profile *profile.Profile, store *store.Store
 serverID, err := s.getSystemServerID(ctx)
 if err != nil {
- return nil, err
+ return nil, fmt.Errorf("failed to retrieve system server ID: %w", err)
 }
 s.ID = serverID
@@ -85,7 +85,7 @@ func NewServer(ctx context.Context, profile *profile.Profile, store *store.Store
 if profile.Mode == "prod" {
 secret, err = s.getSystemSecretSessionName(ctx)
 if err != nil {
- return nil, err
+ return nil, fmt.Errorf("failed to retrieve system secret session name: %w", err)
 }
 }
 s.Secret = secret
diff --git a/store/db/db.go b/store/db/db.go
index 3ec38430..d210fa2b 100644
--- a/store/db/db.go
+++ b/store/db/db.go
@@ -43,7 +43,7 @@ func (db *DB) Open(ctx context.Context) (err error) {
 }
 // Connect to the database without foreign_key.
- sqliteDB, err := sql.Open("sqlite", db.profile.DSN+"?cache=shared&_foreign_keys=0&_journal_mode=WAL")
+ sqliteDB, err := sql.Open("sqlite", db.profile.DSN+"?cache=private&_foreign_keys=0&_busy_timeout=10000&_journal_mode=WAL")
 if err != nil {
 return fmt.Errorf("failed to open db with dsn: %s, err: %w", db.profile.DSN, err)
 }
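Review bot: The two new wrap messages in server/server.go begin with "failed to", which Go convention drops because the prefixes pile up once errors are chained; `fmt.Errorf("retrieving system server ID: %w", err)` here and `fmt.Errorf("retrieving system secret session name: %w", err)` in the second hunk read better in the final message. Separately, `secret` is loaded from the store only when `profile.Mode == "prod"`, and its initial value is declared outside the hunk, so it is worth confirming that the other modes do not end up signing sessions with a fixed value that is visible in the source. NewServer starts and ends outside both hunks.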
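Review bot: The new `_busy_timeout=10000` parameter in store/db/db.go may be silently ignored, depending on which driver is registered under the name "sqlite". The `_busy_timeout`, `_foreign_keys` and `_journal_mode` spellings are the mattn/go-sqlite3 DSN options, whereas modernc.org/sqlite (which registers the name "sqlite") takes pragmas as `_pragma=name(value)`; the driver import is outside the hunk, so this needs checking. If it is the modernc driver, the line would be `sql.Open("sqlite", db.profile.DSN+"?cache=private&_pragma=foreign_keys(0)&_pragma=busy_timeout(10000)&_pragma=journal_mode(WAL)")`. Running `PRAGMA busy_timeout;` and `PRAGMA journal_mode;` on the opened handle would confirm that the settings actually took effect.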