Docker/codex.docs
Docker/codex.docs
1
0
Fork 0
mirror of https://github.com/codex-team/codex.docs.git synced 2025-08-09 15:35:25 +02:00
Code Issues Releases Activity

update: auth route and token verification

Browse source
This commit is contained in:
Umang G. Patel 2022-04-23 10:44:36 +05:30
parent 582635b4c7
commit b2f9147c9a
2 changed files with 4 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

7
src/backend/routes/auth.ts
View file

@ -1,10 +1,8 @@
import express, { Request, Response } from 'express';
import jwt from 'jsonwebtoken';
import config from 'config';
import bcrypt from 'bcrypt';
import csrf from 'csurf';
import * as dotenv from 'dotenv';
import Users from '../controllers/users';
dotenv.config();
@ -27,10 +25,9 @@ router.get('/auth', csrfProtection, function (req: Request, res: Response) {
*/
router.post('/auth', parseForm, csrfProtection, async (req: Request, res: Response) => {
try {
const userDoc = await Users.get();
const password = userDoc.password;
const password = process.env.PASSWORD;
if (!password) {
if (!process.env.PASSWORD) {
res.render('auth', {
title: 'Login page',
header: 'Password not set',

7
src/backend/routes/middlewares/token.ts
View file

@ -2,7 +2,6 @@ import * as dotenv from 'dotenv';
import config from 'config';
import { NextFunction, Request, Response } from 'express';
import jwt from 'jsonwebtoken';
import Users from '../../controllers/users';
dotenv.config();
@ -17,16 +16,14 @@ export default async function verifyToken(req: Request, res: Response, next: Nex
const token = req.cookies.authToken;
try {
const userDoc = await Users.get();
if (!userDoc.password) {
if (!process.env.PASSWORD) {
res.locals.isAuthorized = false;
next();
return;
}
const decodedToken = jwt.verify(token, userDoc.password + config.get('secret'));
const decodedToken = jwt.verify(token, process.env.PASSWORD + config.get('secret'));
res.locals.isAuthorized = !!decodedToken;