Update user_id for bigint and update secure

2025-12-04 16:11:38 +03:00
parent d67371dcee
commit e74ab668ce
3 changed files with 72 additions and 5 deletions
--- a/bot/modules/access_control/auth.py
+++ b/bot/modules/access_control/auth.py
@@ -48,9 +48,10 @@ async def is_authorized(user_id: int) -> bool:
    # If private mode is disabled
    # Check whitelist (if configured)
    if settings.authorized_users_list:
-        return user_id in settings.authorized_users_list
+        if user_id in settings.authorized_users_list:
+            return True
    
-    # If whitelist is not configured, check in database
+    # Check in database (users added via /adduser should have access)
    async with AsyncSessionLocal() as session:
        user = await session.get(User, user_id)
        # If user exists in database and is not blocked - allow access