Fixing wrong token order
parent
d371ad5e70
commit
c8550b517a
@ -5,7 +5,7 @@ import RequestError, { HttpStatusCode } from "../../helper/request_error";
|
|||||||
import User from "../../models/user";
|
import User from "../../models/user";
|
||||||
import promiseMiddleware from "../../helper/promiseMiddleware";
|
import promiseMiddleware from "../../helper/promiseMiddleware";
|
||||||
|
|
||||||
class Invalid extends Error { }
|
class Invalid extends Error {}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Returns customized Middleware function, that could also be called directly
|
* Returns customized Middleware function, that could also be called directly
|
||||||
@ -16,22 +16,32 @@ class Invalid extends Error { }
|
|||||||
* @param redirect_uri Default current uri. Sets the uri to redirect, if json is not set and user not logged in
|
* @param redirect_uri Default current uri. Sets the uri to redirect, if json is not set and user not logged in
|
||||||
* @param validated Default true. If false, the token must not be validated
|
* @param validated Default true. If false, the token must not be validated
|
||||||
*/
|
*/
|
||||||
export function GetUserMiddleware(json = false, special_required: boolean = false, redirect_uri?: string, validated = true) {
|
export function GetUserMiddleware(
|
||||||
return promiseMiddleware(async function (req: Request, res: Response, next?: NextFunction) {
|
json = false,
|
||||||
|
special_required: boolean = false,
|
||||||
|
redirect_uri?: string,
|
||||||
|
validated = true
|
||||||
|
) {
|
||||||
|
return promiseMiddleware(async function(
|
||||||
|
req: Request,
|
||||||
|
res: Response,
|
||||||
|
next?: NextFunction
|
||||||
|
) {
|
||||||
const invalid = (message: string) => {
|
const invalid = (message: string) => {
|
||||||
throw new Invalid(req.__(message));
|
throw new Invalid(req.__(message));
|
||||||
}
|
};
|
||||||
try {
|
try {
|
||||||
let { login, special } = req.cookies
|
let { login, special } = req.query;
|
||||||
if (!login) {
|
if (!login) {
|
||||||
login = req.query.login;
|
login = req.cookies.login;
|
||||||
special = req.query.special;
|
special = req.cookies.special;
|
||||||
}
|
}
|
||||||
if (!login) invalid("No login token")
|
if (!login) invalid("No login token");
|
||||||
if (!special && special_required) invalid("No special token")
|
if (!special && special_required) invalid("No special token");
|
||||||
|
|
||||||
let token = await LoginToken.findOne({ token: login, valid: true })
|
let token = await LoginToken.findOne({ token: login, valid: true });
|
||||||
if (!await CheckToken(token, validated)) invalid("Login token invalid");
|
if (!(await CheckToken(token, validated)))
|
||||||
|
invalid("Login token invalid");
|
||||||
|
|
||||||
let user = await User.findById(token.user);
|
let user = await User.findById(token.user);
|
||||||
if (!user) {
|
if (!user) {
|
||||||
@ -42,30 +52,47 @@ export function GetUserMiddleware(json = false, special_required: boolean = fals
|
|||||||
|
|
||||||
let special_token;
|
let special_token;
|
||||||
if (special) {
|
if (special) {
|
||||||
Logging.debug("Special found")
|
Logging.debug("Special found");
|
||||||
special_token = await LoginToken.findOne({ token: special, special: true, valid: true, user: token.user })
|
special_token = await LoginToken.findOne({
|
||||||
if (!await CheckToken(special_token, validated))
|
token: special,
|
||||||
|
special: true,
|
||||||
|
valid: true,
|
||||||
|
user: token.user
|
||||||
|
});
|
||||||
|
if (!(await CheckToken(special_token, validated)))
|
||||||
invalid("Special token invalid");
|
invalid("Special token invalid");
|
||||||
req.special = true;
|
req.special = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
req.user = user
|
req.user = user;
|
||||||
req.isAdmin = user.admin;
|
req.isAdmin = user.admin;
|
||||||
req.token = {
|
req.token = {
|
||||||
login: token,
|
login: token,
|
||||||
special: special_token
|
special: special_token
|
||||||
}
|
};
|
||||||
|
|
||||||
if (next)
|
if (next) next();
|
||||||
next()
|
|
||||||
return true;
|
return true;
|
||||||
} catch (e) {
|
} catch (e) {
|
||||||
if (e instanceof Invalid) {
|
if (e instanceof Invalid) {
|
||||||
if (req.method === "GET" && !json) {
|
if (req.method === "GET" && !json) {
|
||||||
res.status(HttpStatusCode.UNAUTHORIZED)
|
res.status(HttpStatusCode.UNAUTHORIZED);
|
||||||
res.redirect("/login?base64=true&state=" + Buffer.from(redirect_uri ? redirect_uri : req.originalUrl).toString("base64"))
|
res.redirect(
|
||||||
|
"/login?base64=true&state=" +
|
||||||
|
Buffer.from(
|
||||||
|
redirect_uri ? redirect_uri : req.originalUrl
|
||||||
|
).toString("base64")
|
||||||
|
);
|
||||||
} else {
|
} else {
|
||||||
throw new RequestError(req.__("You are not logged in or your login is expired" + ` (${e.message})`), HttpStatusCode.UNAUTHORIZED, undefined, { auth: true })
|
throw new RequestError(
|
||||||
|
req.__(
|
||||||
|
"You are not logged in or your login is expired" +
|
||||||
|
` (${e.message})`
|
||||||
|
),
|
||||||
|
HttpStatusCode.UNAUTHORIZED,
|
||||||
|
undefined,
|
||||||
|
{ auth: true }
|
||||||
|
);
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
if (next) next(e);
|
if (next) next(e);
|
||||||
@ -76,4 +103,4 @@ export function GetUserMiddleware(json = false, special_required: boolean = fals
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
export const UserMiddleware = GetUserMiddleware();
|
export const UserMiddleware = GetUserMiddleware();
|
||||||
|
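Review bot: In the second hunk, `login` and `special` are now read from `req.query` first and passed straight into `LoginToken.findOne({ token: login, valid: true })`; a query-string value is not guaranteed to be a string (the Express query parser can yield arrays or nested objects), so the value should be type-checked before it reaches the database call, e.g. `if (typeof login !== "string") invalid("No login token");` and `if (special && typeof special !== "string") invalid("No special token");`. Giving the query parameter precedence also means a token carried in a URL now overrides the one in the session cookie, which the TSDoc above the function does not mention; a line such as `Token lookup order: query string first, then cookies` would document the new contract. Also, when `login` arrives via the query but `special` does not, the cookie's `special` is never consulted because the fallback only runs when `login` is absent — confirm that is intended. GetUserMiddleware's body continues outside this hunk.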