albert/mrfrys-node-server
1
0
Fork 0
mirror of https://gitlab.com/MrFry/mrfrys-node-server synced 2025-04-01 20:24:18 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

token validation changes

Browse source
This commit is contained in:
mrfry 2023-04-02 14:29:14 +02:00
parent 9194593fa3
commit f13636ce1a
1 changed files with 9 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

14
src/modules/api/submodules/userManagement.ts
View file

@ -318,15 +318,16 @@ function setup(data: SubmoduleData): Submodule {
logger.LogReq(req) logger.LogReq(req)
const user: User = req.session.user const user: User = req.session.user
const { token, userid } = req.query const { token, userid } = req.query
const isQueryValid = validateuuid(token) && !Number.isNaN(+userid)
if (validateuuid(token) && !Number.isNaN(+userid)) { if (isQueryValid) {
const specifiedUser = dbtools.Select(userDB, 'users', { const specifiedUser = dbtools.Select(userDB, 'users', {
id: +userid, id: +userid,
}) })
if (specifiedUser.length === 0) { if (specifiedUser.length === 0) {
res.json({ res.json({
result: 'error', result: 'nouser',
msg: 'couldnt find user', msg: 'couldnt find user',
}) })
} }
@ -340,14 +341,17 @@ function setup(data: SubmoduleData): Submodule {
} else { } else {
if (!user) { if (!user) {
res.json({ res.json({
result: 'error', result: 'invalid',
msg: 'you are not logged in', msg: isQueryValid
? 'you are not logged in'
: 'token or user id is not valid',
}) })
return
} }
const key = v5(validationTokenName, user.pw) const key = v5(validationTokenName, user.pw)
res.json({ res.json({
result: 'success', result: 'newtoken',
key: key, key: key,
...((token || userid) && { ...((token || userid) && {
msg: 'userid or token was provided, but was invalid', msg: 'userid or token was provided, but was invalid',