code review: don't create auth token if using header auth

2022-05-06 21:40:30 -07:00 · 2022-05-06 21:40:30 -07:00 · f74f7b1f1a
commit f74f7b1f1a
parent 05cc23a144
3 changed files with 45 additions and 57 deletions
--- a/server/src/lib/middleware/is-signed-in.ts
+++ b/server/src/lib/middleware/is-signed-in.ts
@ -12,7 +12,7 @@ export interface UserJwtRequest extends Request {
 	user?: User
 }
-export default async function authenticateToken(
+export default async function isSignedIn(
 	req: UserJwtRequest,
 	res: Response,
 	next: NextFunction
@ -35,18 +35,9 @@ export default async function authenticateToken(
 			await user.save()
 		}
-		if (!token) {
+		req.user = user
-			const token = jwt.sign({ id: user.id }, config.jwt_secret, {
+		next()
-				expiresIn: "2d"
+	} else {
 			})
 			const authToken = new AuthToken({
 				userId: user.id,
 				token: token
 			})
 			await authToken.save()
 		}
 	}
 		if (token == null) return res.sendStatus(401)
 		const authToken = await AuthToken.findOne({ where: { token: token } })
@ -91,3 +82,4 @@ export default async function authenticateToken(
 			next()
 		})
 	}
 }
--- a/server/src/lib/middleware/secret-key.ts
+++ b/server/src/lib/middleware/secret-key.ts
@ -1,7 +1,7 @@
 import config from "@lib/config"
 import { NextFunction, Request, Response } from "express"
-export default function authenticateToken(
+export default function secretKey(
 	req: Request,
 	res: Response,
 	next: NextFunction
--- a/server/src/routes/auth.ts
+++ b/server/src/routes/auth.ts
@ -95,10 +95,6 @@ auth.post(
 		}
 	}),
 	async (req, res) => {
 		if (config.header_auth) {
 		}
 		const error = "User does not exist or password is incorrect"
 		const errorToThrow = new Error(error)
 		try {