github/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2024-12-22 21:12:04 +00:00
Code Issues Projects Releases Packages Wiki Activity

auth: Fix undefined secret error

Browse source 
Signed-off-by: Philip Molares <philip.molares@udo.edu>
This commit is contained in:
Philip Molares 2021-01-29 22:24:19 +01:00 committed by David Mehren
parent aa10e10412
commit 08ba52293c
No known key found for this signature in database
GPG key ID: 185982BA4C42B7C3
1 changed files with 3 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/auth/auth.service.ts
View file

@ -36,6 +36,9 @@ export class AuthService {
async validateToken(token: string): Promise<User> {
const [keyId, secret] = token.split('.');
if (!secret) {
throw new TokenNotValidError('Invalid AuthToken format');
}
if (secret.length > 72) {
// Only the first 72 characters of the tokens are considered by bcrypt
// This should prevent strange corner cases