Docker/codex.docs
Docker/codex.docs
1
0
Fork 0
mirror of https://github.com/codex-team/codex.docs.git synced 2025-07-19 13:19:42 +02:00
Code Issues Releases Activity

Password from env variable (#170)

Browse source 
* rm: remove the generate password file

* rm: commander package

* rm: remove the password reading from db

* feat: password hash reading from env added

* passHash replace with password

* raw password comparison added

* rm: user model and controller removed

* update: auth route and token verification

* replace multiple dotenv config with one

* .env.sample added with updated docker yml

* rm:remove the bcrypt

* readme updated with .env

* remove generatePassword from package json

* updated docs

* removed the console.log
This commit is contained in:
Umang G. Patel 2022-04-24 16:54:36 +05:30 committed by GitHub
parent aaf2644ed4
commit 303d670c49
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
13 changed files with 53 additions and 359 deletions
Download patch file Download diff file Expand all files Collapse all files

9
src/backend/routes/middlewares/token.ts
View file

@ -1,10 +1,7 @@
import * as dotenv from 'dotenv';
import config from 'config';
import { NextFunction, Request, Response } from 'express';
import jwt from 'jsonwebtoken';
import Users from '../../controllers/users';
dotenv.config();
/**
* Middleware for checking jwt token
@ -17,16 +14,14 @@ export default async function verifyToken(req: Request, res: Response, next: Nex
const token = req.cookies.authToken;
try {
const userDoc = await Users.get();
if (!userDoc.passHash) {
if (!process.env.PASSWORD) {
res.locals.isAuthorized = false;
next();
return;
}
const decodedToken = jwt.verify(token, userDoc.passHash + config.get('secret'));
const decodedToken = jwt.verify(token, process.env.PASSWORD + config.get('secret'));
res.locals.isAuthorized = !!decodedToken;