OpenServer/OpenAuth_server
1
1
Fork 0
Code Issues Pull Requests Actions Releases Wiki Activity

More preparations for 2 factor authentication

Browse Source
This commit is contained in:
Fabian Stamm
2018-11-10 15:12:38 +01:00
parent 7389c25312
commit 0633311ba1
11 changed files with 62 additions and 119 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/api/middlewares/user.ts
View File

@ -21,11 +21,11 @@ export function GetUserMiddleware(json = false, special_token: boolean = false,
}
try {
let { login, special } = req.cookies
if (!login) invalid()
let token = await LoginToken.findOne({ token: login, valid: true })
if (!token) invalid()
if (!token.validated) invalid();
let user = await User.findById(token.user);
if (!user) {
@ -43,7 +43,7 @@ export function GetUserMiddleware(json = false, special_token: boolean = false,
if (special) {
Logging.debug("Special found")
let st = await LoginToken.findOne({ token: special, special: true, valid: true })
if (st && st.valid && st.user.toHexString() === token.user.toHexString()) {
if (st && st.validated && st.valid && st.user.toHexString() === token.user.toHexString()) {
if (st.validTill.getTime() < new Date().getTime()) { //Token expired
Logging.debug("Special expired")
st.valid = false;