private: removes collision check for tokens

this seems very unnecessary as the chance of this is 1 / 2^512 Signed-off-by: Philip Molares <philip.molares@udo.edu>
2024-10-18 21:30:15 -04:00 · 2021-01-17 20:35:43 +01:00 · 2021-01-17 20:35:43 +01:00 · 324ba71d24
commit 324ba71d24
parent 97f7128355
3 changed files with 10 additions and 26 deletions
--- a/src/errors/errors.ts
+++ b/src/errors/errors.ts
@ -15,7 +15,3 @@ export class ClientError extends Error {
 export class PermissionError extends Error {
  name = 'PermissionError';
 }
-
-export class RandomnessError extends Error {
-  name = 'RandomnessError';
-}
--- a/src/users/auth-token.entity.ts
+++ b/src/users/auth-token.entity.ts
@ -22,7 +22,7 @@ export class AuthToken {
  @CreateDateColumn()
  createdAt: Date;

-  @Column()
+  @Column({ unique: true })
  accessToken: string;

  public static create(
--- a/src/users/users.service.ts
+++ b/src/users/users.service.ts
@ -7,7 +7,7 @@
 import { Injectable } from '@nestjs/common';
 import { InjectRepository } from '@nestjs/typeorm';
 import { Repository } from 'typeorm';
-import { NotInDBError, RandomnessError } from '../errors/errors';
+import { NotInDBError } from '../errors/errors';
 import { ConsoleLoggerService } from '../logger/console-logger.service';
 import { UserInfoDto } from './user-info.dto';
 import { User } from './user.entity';
@ -38,26 +38,14 @@ export class UsersService {
    identifier: string,
  ): Promise<AuthToken> {
    const user = await this.getUserByUsername(userName);
-    let accessToken = '';
-    let randomString = '';
-    for (let i = 0; i < 100; i++) {
-      try {
-        randomString = crypt.randomBytes(64).toString("base64");
-        accessToken = await this.hashPassword(randomString);
-        await this.getUserByAuthToken(accessToken);
-      } catch (NotInDBError) {
+    const randomString = crypt.randomBytes(64).toString('base64');
+    const accessToken = await this.hashPassword(randomString);
    const token = AuthToken.create(user, identifier, accessToken);
    const createdToken = this.authTokenRepository.save(token);
    return {
      accessToken: randomString,
-          ...createdToken
-        }
-      }
-    }
-    // This should never happen
-    throw new RandomnessError(
-      'Your machine is not able to generate not-in-use tokens. This should never happen.',
-    );
+      ...createdToken,
+    };
  }

  async deleteUser(userName: string) {