github/hedgedoc
1
0
Fork 0
mirror of https://github.com/hedgedoc/hedgedoc.git synced 2024-11-25 03:06:31 -05:00
Code Issues Projects Releases Packages Wiki Activity

private: save token hashed

Browse source 
Auth tokens are now saved in hashed form.

Signed-off-by: Philip Molares <philip.molares@udo.edu>
This commit is contained in:
Philip Molares 2021-01-17 14:45:16 +01:00 committed by David Mehren
parent e5545043be
commit 822c01f2c7
No known key found for this signature in database
GPG key ID: 185982BA4C42B7C3
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
src/users/users.service.ts
View file

@ -41,7 +41,8 @@ export class UsersService {
let accessToken = '';
for (let i = 0; i < 100; i++) {
try {
accessToken = crypt.randomBytes(64).toString();
const randomString = crypt.randomBytes(64).toString();
accessToken = await this.hashPassword(randomString);
await this.getUserByAuthToken(accessToken);
} catch (NotInDBError) {
const token = AuthToken.create(user, identifier, accessToken);