Pass timestamp as string to signature verification

Changed the call to verify_request_signature to pass the timestamp as a string instead of an integer. This ensures proper signature verification and prevents unauthorized requests.
2025-08-24 02:16:49 +08:00
parent c99807dabb
commit 9043389f25
1 changed files with 1 additions and 1 deletions
--- a/app/router/lio.py
+++ b/app/router/lio.py
@@ -461,7 +461,7 @@ async def remove_user_from_room(
        # Verify request signature
        body = await request.body()
        now = utcnow()
-        if not verify_request_signature(request, timestamp, body):
+        if not verify_request_signature(request, str(timestamp), body):
            raise HTTPException(
                status_code=status.HTTP_401_UNAUTHORIZED,
                detail="Invalid request signature"