Lightemerald/hsp-gdh
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Improved consistency and fixed veriFyToken function

Browse Source
This commit is contained in:
Lightemerald
2024-02-26 11:14:05 +01:00
parent 78523d4e8d
commit ab72bf2593
7 changed files with 38 additions and 34 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
modules/tokenManager.js
View File

@@ -1,8 +1,7 @@
/* eslint-disable no-undef */
import jwt from 'jsonwebtoken';
import { Level } from 'level';
import { pool } from './databaseManager';
import { respondWithStatus } from './requestHandler';
import { userExists } from './permissionManager';
const db = new Level('tokens', { valueEncoding: 'json' });
@@ -21,8 +20,10 @@ export async function verifyToken(req, res, next) {
const decoded = jwt.verify(token, process.env.JWT_SECRET);
req.userId = decoded.userId;
if (!userExists(userId)) return await respondWithStatus(res, 404, 'User not found');
const passwordMatch = await Bun.password.verify(decoded.password, rows[0].password);
const [user] = await pool.execute('SELECT * FROM users WHERE id = ? LIMIT 1', [req.userId]);
if (user.length === 0) return await respondWithStatus(res, 404, 'User not found');
const passwordMatch = await Bun.password.verify(decoded.password, user[0].password);
if (!passwordMatch) return await respondWithStatus(res, 401, 'Token is invalid');
const tokenStatus = await db.get(token);
if (tokenStatus != 'valid') {