code review: don't create auth token if using header auth
This commit is contained in:
parent
05cc23a144
commit
f74f7b1f1a
3 changed files with 45 additions and 57 deletions
|
@ -12,7 +12,7 @@ export interface UserJwtRequest extends Request {
|
||||||
user?: User
|
user?: User
|
||||||
}
|
}
|
||||||
|
|
||||||
export default async function authenticateToken(
|
export default async function isSignedIn(
|
||||||
req: UserJwtRequest,
|
req: UserJwtRequest,
|
||||||
res: Response,
|
res: Response,
|
||||||
next: NextFunction
|
next: NextFunction
|
||||||
|
@ -35,18 +35,9 @@ export default async function authenticateToken(
|
||||||
await user.save()
|
await user.save()
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!token) {
|
req.user = user
|
||||||
const token = jwt.sign({ id: user.id }, config.jwt_secret, {
|
next()
|
||||||
expiresIn: "2d"
|
} else {
|
||||||
})
|
|
||||||
const authToken = new AuthToken({
|
|
||||||
userId: user.id,
|
|
||||||
token: token
|
|
||||||
})
|
|
||||||
await authToken.save()
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
if (token == null) return res.sendStatus(401)
|
if (token == null) return res.sendStatus(401)
|
||||||
|
|
||||||
const authToken = await AuthToken.findOne({ where: { token: token } })
|
const authToken = await AuthToken.findOne({ where: { token: token } })
|
||||||
|
@ -90,4 +81,5 @@ export default async function authenticateToken(
|
||||||
|
|
||||||
next()
|
next()
|
||||||
})
|
})
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
import config from "@lib/config"
|
import config from "@lib/config"
|
||||||
import { NextFunction, Request, Response } from "express"
|
import { NextFunction, Request, Response } from "express"
|
||||||
|
|
||||||
export default function authenticateToken(
|
export default function secretKey(
|
||||||
req: Request,
|
req: Request,
|
||||||
res: Response,
|
res: Response,
|
||||||
next: NextFunction
|
next: NextFunction
|
||||||
|
|
|
@ -95,10 +95,6 @@ auth.post(
|
||||||
}
|
}
|
||||||
}),
|
}),
|
||||||
async (req, res) => {
|
async (req, res) => {
|
||||||
if (config.header_auth) {
|
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
const error = "User does not exist or password is incorrect"
|
const error = "User does not exist or password is incorrect"
|
||||||
const errorToThrow = new Error(error)
|
const errorToThrow = new Error(error)
|
||||||
try {
|
try {
|
||||||
|
|
Loading…
Reference in a new issue