From c8550b517a4b85a5efbf34fea7e03e4240188707 Mon Sep 17 00:00:00 2001
From: Fabian Stamm
Date: Wed, 11 Mar 2020 11:22:47 +0100
Subject: [PATCH] Fixing wrong token order

---
src/api/middlewares/user.ts | 71 +++++++++++++++++++++++++------------
1 file changed, 49 insertions(+), 22 deletions(-)

diff --git a/src/api/middlewares/user.ts b/src/api/middlewares/user.ts
index 9f91d88..9c4e5bc 100644
--- a/src/api/middlewares/user.ts
+++ b/src/api/middlewares/user.ts
@@ -5,7 +5,7 @@ import RequestError, { HttpStatusCode } from "../../helper/request_error";
 import User from "../../models/user";
 import promiseMiddleware from "../../helper/promiseMiddleware";
 
-class Invalid extends Error { }
+class Invalid extends Error {}
 
 /**
 * Returns customized Middleware function, that could also be called directly
@@ -16,22 +16,32 @@ class Invalid extends Error { }
 * @param redirect_uri Default current uri. Sets the uri to redirect, if json is not set and user not logged in
 * @param validated Default true. If false, the token must not be validated
 */
-export function GetUserMiddleware(json = false, special_required: boolean = false, redirect_uri?: string, validated = true) {
- return promiseMiddleware(async function (req: Request, res: Response, next?: NextFunction) {
+export function GetUserMiddleware(
+ json = false,
+ special_required: boolean = false,
+ redirect_uri?: string,
+ validated = true
+) {
+ return promiseMiddleware(async function(
+ req: Request,
+ res: Response,
+ next?: NextFunction
+ ) {
 const invalid = (message: string) => {
 throw new Invalid(req.__(message));
- }
+ };
 try {
- let { login, special } = req.cookies
+ let { login, special } = req.query;
 if (!login) {
- login = req.query.login;
- special = req.query.special;
+ login = req.cookies.login;
+ special = req.cookies.special;
 }
- if (!login) invalid("No login token")
- if (!special && special_required) invalid("No special token")
+ if (!login) invalid("No login token");
+ if (!special && special_required) invalid("No special token");
- let token = await LoginToken.findOne({ token: login, valid: true })
- if (!await CheckToken(token, validated)) invalid("Login token invalid");
+ let token = await LoginToken.findOne({ token: login, valid: true });
+ if (!(await CheckToken(token, validated)))
+ invalid("Login token invalid");
 
 let user = await User.findById(token.user);
 if (!user) {
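Review bot: The new `let { login, special } = req.query;` makes the query string the primary token source, but nothing checks that the values are strings — Express's default query parser yields arrays or objects for bracketed parameters, and a non-string `login` is truthy, so it skips the cookie fallback and goes straight into `LoginToken.findOne({ token: login, valid: true })`, where an object would be read as query criteria rather than compared as a token value (assuming a Mongoose-style model, which this page does not show). Replace the presence checks with type checks: `if (typeof login !== "string") invalid("No login token");` and `if (special !== undefined && typeof special !== "string") invalid("No special token");` next to the existing `special_required` check. Giving the query precedence over the cookie also means a token carried in a link now overrides the logged-in session and is recorded in access logs and browser history; if that is the intended behaviour for the `/login` redirect flow, state it in the JSDoc above, e.g. `Tokens are read from the query string first, then from cookies.` GetUserMiddleware and the handler it returns both continue past the end of this hunk.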
@@ -42,30 +52,47 @@ export function GetUserMiddleware(json = false, special_required: boolean = fals
 
 let special_token;
 if (special) {
- Logging.debug("Special found")
- special_token = await LoginToken.findOne({ token: special, special: true, valid: true, user: token.user })
- if (!await CheckToken(special_token, validated))
+ Logging.debug("Special found");
+ special_token = await LoginToken.findOne({
+ token: special,
+ special: true,
+ valid: true,
+ user: token.user
+ });
+ if (!(await CheckToken(special_token, validated)))
 invalid("Special token invalid");
 req.special = true;
 }
 
- req.user = user
+ req.user = user;
 req.isAdmin = user.admin;
 req.token = {
 login: token,
 special: special_token
- }
+ };
 
- if (next)
- next()
+ if (next) next();
 return true;
 } catch (e) {
 if (e instanceof Invalid) {
 if (req.method === "GET" && !json) {
- res.status(HttpStatusCode.UNAUTHORIZED)
- res.redirect("/login?base64=true&state=" + Buffer.from(redirect_uri ? redirect_uri : req.originalUrl).toString("base64"))
+ res.status(HttpStatusCode.UNAUTHORIZED);
+ res.redirect(
+ "/login?base64=true&state=" +
+ Buffer.from(
+ redirect_uri ? redirect_uri : req.originalUrl
+ ).toString("base64")
+ );
 } else {
- throw new RequestError(req.__("You are not logged in or your login is expired" + ` (${e.message})`), HttpStatusCode.UNAUTHORIZED, undefined, { auth: true })
+ throw new RequestError(
+ req.__(
+ "You are not logged in or your login is expired" +
+ ` (${e.message})`
+ ),
+ HttpStatusCode.UNAUTHORIZED,
+ undefined,
+ { auth: true }
+ );
 }
 } else {
 if (next) next(e);
@@ -76,4 +103,4 @@ export function GetUserMiddleware(json = false, special_required: boolean = fals
 });
 }
 
-export const UserMiddleware = GetUserMiddleware();
\ No newline at end of file
+export const UserMiddleware = GetUserMiddleware();
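Review bot: The `state` value in the new `res.redirect(...)` call is raw base64, and `+`, `/` and `=` are not query-safe — a `+` in particular is read back as a space by the usual query parsers, so a `redirect_uri` or `originalUrl` whose encoding contains one will not round-trip through `/login`; wrap it as `encodeURIComponent(Buffer.from(redirect_uri ? redirect_uri : req.originalUrl).toString("base64"))`. The preceding `res.status(HttpStatusCode.UNAUTHORIZED);` has no effect, because `res.redirect(url)` sets its own 302 status; either delete that line or pass the status to `res.redirect` explicitly so the intent is visible. Whether `CheckToken` copes with `special_token` being null when `findOne` matches nothing cannot be seen here; a one-line comment at the call, or an explicit `if (!special_token) invalid("Special token invalid");`, would make that contract clear. The `catch` block and the enclosing function continue beyond the hunk.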