From 172a3de75bf5b4193e5e6aaddf18e8f78709cbdb Mon Sep 17 00:00:00 2001
From: chabanyknikita <nikchabanyk@gmail.com>
Date: Wed, 23 Oct 2024 23:28:50 +0300
Subject: [PATCH] change logic for uniqueness check in light verification

---
 .../handlers/verification_callback_light.go   | 22 ++++++++++++++-----
 1 file changed, 17 insertions(+), 5 deletions(-)

diff --git a/internal/service/handlers/verification_callback_light.go b/internal/service/handlers/verification_callback_light.go
index 5b32a5d..32f73b2 100644
--- a/internal/service/handlers/verification_callback_light.go
+++ b/internal/service/handlers/verification_callback_light.go
@@ -133,15 +133,27 @@ func VerificationSignatureCallback(w http.ResponseWriter, r *http.Request) {
 			return
 		}
 
-		if byNullifier != nil && byNullifier.UserIDHash != verifiedUser.UserIDHash &&
-			byAnonymousID != nil && byAnonymousID.UserIDHash != verifiedUser.UserIDHash {
-			Log(r).WithError(err).Errorf("User with anonymous_id [%s] but a different userIDHash already exists", anonymousIDHex)
-			verifiedUser.Status = "failed_verification"
+		if byAnonymousID != nil {
+			if byAnonymousID.UserIDHash != verifiedUser.UserIDHash {
+				Log(r).WithError(err).Errorf("User with anonymous_id [%s] but a different userIDHash already exists", anonymousIDHex)
+				verifiedUser.Status = "failed_verification"
+				return
+			}
 		} else {
-			verifiedUser.Nullifier = nullifierHex
 			verifiedUser.AnonymousID = anonymousIDHex
 		}
+
+		if byNullifier != nil {
+			if byNullifier.UserIDHash != verifiedUser.UserIDHash {
+				Log(r).WithError(err).Errorf("User with nullifier [%s] but a different userIDHash already exists", nullifierHex)
+				verifiedUser.Status = "failed_verification"
+				return
+			}
+		} else {
+			verifiedUser.Nullifier = nullifierHex
+		}
 	}
+
 	if eventData != userIDHash {
 		Log(r).WithError(err).Errorf("failed to verify user: EventData from pub-signals [%s] != userIdHash from db [%s]", eventData, userIDHash)
 		verifiedUser.Status = "failed_verification"