Dekescordes/spacebar
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

🐛 fix checkToken

Browse Source
This commit is contained in:
Flam3rboy 2021-06-23 18:06:00 +02:00
parent 9c86deaa7d
commit e3dda743af
2 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/util/Database.ts
View File

@ -2,7 +2,6 @@ import "./MongoBigInt";
import mongoose, { Collection, Connection, LeanDocument } from "mongoose"; import mongoose, { Collection, Connection, LeanDocument } from "mongoose";
import { ChangeStream, ChangeEvent, Long } from "mongodb"; import { ChangeStream, ChangeEvent, Long } from "mongodb";
import EventEmitter from "events"; import EventEmitter from "events";
import { Document } from "mongoose";
const uri = process.env.MONGO_URL || "mongodb://localhost:27017/fosscord?readPreference=secondaryPreferred"; const uri = process.env.MONGO_URL || "mongodb://localhost:27017/fosscord?readPreference=secondaryPreferred";
// TODO: auto throw error if findOne doesn't find anything // TODO: auto throw error if findOne doesn't find anything

3
src/util/checkToken.ts
View File

@ -9,7 +9,8 @@ export function checkToken(token: string, jwtSecret: string): Promise<any> {
const user = await UserModel.findOne({ id: decoded.id }, { "user_data.valid_tokens_since": true }).exec(); const user = await UserModel.findOne({ id: decoded.id }, { "user_data.valid_tokens_since": true }).exec();
if (!user) return rej("Invalid Token"); if (!user) return rej("Invalid Token");
if (decoded.iat * 1000 < user.user_data.valid_tokens_since.getTime()) return rej("Invalid Token"); // we need to round it to seconds as it saved as seconds in jwt iat and valid_tokens_since is stored in milliseconds
if (decoded.iat * 1000 < user.user_data.valid_tokens_since.setSeconds(0, 0)) return rej("Invalid Token");
if (user.disabled) return rej("User disabled"); if (user.disabled) return rej("User disabled");
if (user.deleted) return rej("User not found"); if (user.deleted) return rej("User not found");