From 40bee79e3dfaed1ebed808bca1bea1a43ef90f7e Mon Sep 17 00:00:00 2001
From: Johannes Zellner <johannes@cloudron.io>
Date: Wed, 13 Apr 2016 10:45:11 +0200
Subject: [PATCH] Fix oversight to store userId as user.username for auth codes

---
 src/routes/oauth2.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/routes/oauth2.js b/src/routes/oauth2.js
index 4dd105dbf..9bfcdc69e 100644
--- a/src/routes/oauth2.js
+++ b/src/routes/oauth2.js
@@ -57,7 +57,7 @@ gServer.grant(oauth2orize.grant.code({ scopeSeparator: ',' }, function (client,
     var code = hat(256);
     var expiresAt = Date.now() + 60 * 60000; // 1 hour
 
-    authcodedb.add(code, client.id, user.username, expiresAt, function (error) {
+    authcodedb.add(code, client.id, user.id, expiresAt, function (error) {
         if (error) return callback(error);
 
         debug('grant code: new auth code for client %s code %s', client.id, code);