private: save token hashed

Auth tokens are now saved in hashed form. Signed-off-by: Philip Molares <philip.molares@udo.edu>
2024-11-25 11:16:31 -05:00 · 2021-01-17 14:45:16 +01:00 · 2021-01-17 14:45:16 +01:00 · 822c01f2c7
commit 822c01f2c7
parent e5545043be
1 changed files with 2 additions and 1 deletions
--- a/src/users/users.service.ts
+++ b/src/users/users.service.ts
@ -41,7 +41,8 @@ export class UsersService {
    let accessToken = '';
    for (let i = 0; i < 100; i++) {
      try {
-        accessToken = crypt.randomBytes(64).toString();
+        const randomString = crypt.randomBytes(64).toString();
        accessToken = await this.hashPassword(randomString);
        await this.getUserByAuthToken(accessToken);
      } catch (NotInDBError) {
        const token = AuthToken.create(user, identifier, accessToken);