github/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2024-10-19 22:00:15 -04:00
Code Issues Projects Releases Packages Wiki Activity

auth: Fix undefined secret error

Browse source 
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This commit is contained in:
Philip Molares 2021-01-29 22:24:19 +01:00
parent ba517b3cfe
commit 08b3dd5db9
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/auth/auth.service.ts
View file

@ -36,6 +36,9 @@ export class AuthService {
async validateToken(token: string): Promise<User> {
const [keyId, secret] = token.split('.');
if (!secret) {
throw new TokenNotValidError('Invalid AuthToken format');
}
if (secret.length > 72) {
// Only the first 72 characters of the tokens are considered by bcrypt
// This should prevent strange corner cases