auth: hash auth token

Since the auth token will be stored in hashed form in the db, we need to hash each provided auth token in order to search in the db for them.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
This commit is contained in:
Philip Molares 2021-01-17 14:38:05 +01:00
parent 15ca030b67
commit 37a9f6526b

View file

@ -78,8 +78,9 @@ export class UsersService {
} }
async getUserByAuthToken(token: string): Promise<User> { async getUserByAuthToken(token: string): Promise<User> {
const hash = this.hashPassword(token);
const accessToken = await this.authTokenRepository.findOne({ const accessToken = await this.authTokenRepository.findOne({
where: { accessToken: token }, where: { accessToken: hash },
}); });
if (accessToken === undefined) { if (accessToken === undefined) {
throw new NotInDBError(`AuthToken '${token}' not found`); throw new NotInDBError(`AuthToken '${token}' not found`);