mirror of
https://github.com/hedgedoc/hedgedoc.git
synced 2024-11-30 07:11:06 -05:00
auth: hash auth token
Since the auth token will be stored in hashed form in the db, we need to hash each provided auth token in order to search in the db for them. Signed-off-by: Philip Molares <philip.molares@udo.edu>
This commit is contained in:
parent
15ca030b67
commit
37a9f6526b
1 changed files with 2 additions and 1 deletions
|
@ -78,8 +78,9 @@ export class UsersService {
|
||||||
}
|
}
|
||||||
|
|
||||||
async getUserByAuthToken(token: string): Promise<User> {
|
async getUserByAuthToken(token: string): Promise<User> {
|
||||||
|
const hash = this.hashPassword(token);
|
||||||
const accessToken = await this.authTokenRepository.findOne({
|
const accessToken = await this.authTokenRepository.findOne({
|
||||||
where: { accessToken: token },
|
where: { accessToken: hash },
|
||||||
});
|
});
|
||||||
if (accessToken === undefined) {
|
if (accessToken === undefined) {
|
||||||
throw new NotInDBError(`AuthToken '${token}' not found`);
|
throw new NotInDBError(`AuthToken '${token}' not found`);
|
||||||
|
|
Loading…
Reference in a new issue