HOTFIX: I hate everything right now

HOTFIX: don't test in prod
Hotfixes all the way down
2023-12-24 07:06:20 +11:00 · 2023-12-24 06:43:05 +11:00 · 2023-12-24 05:38:27 +11:00 · 2023-12-24 05:00:49 +11:00
6 changed files with 34 additions and 4 deletions
@@ -1,12 +1,12 @@
 {
  "name": "auth-server",
-  "version": "1.8.1",
+  "version": "1.8.5",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
      "name": "auth-server",
-      "version": "1.8.1",
+      "version": "1.8.5",
      "license": "ISC",
      "dependencies": {
        "bcryptjs": "^2.4.3",
@@ -1,6 +1,6 @@
 {
  "name": "auth-server",
-  "version": "1.8.1",
+  "version": "1.8.5",
  "description": "An API centric auth server. Uses Sequelize and mariaDB by default.",
  "main": "server/server.js",
  "scripts": {
@@ -5,6 +5,7 @@ const { accounts } = require('../database/models');
 //middleware
 const tokenAuth = require('../utilities/token-auth');
 const tokenDecode = require('../utilities/token-decode');
 //signup -> validate -> login all without a token
 router.post('/signup', require('./signup'));
@@ -19,6 +20,9 @@ router.patch('/reset', require('./password-reset'));
 //logouts allowed when banned, and when the token itself is invalid
 router.delete('/logout', require('./logout'));
 //authenticate token
 router.use(tokenDecode);
 //middleware
 router.use(async (req, res, next) => {
 	const record = await accounts.findOne({
@@ -6,7 +6,7 @@ module.exports = (req, res, next) => {
 	const accessToken = authHeader?.split(' ')[1]; //'Bearer token'
 	if (!accessToken) {
-		return res.status(401).send('No access token found');
+		return res.status(401).send('No access token provided');
 	}
 	return jwt.verify(accessToken, process.env.SECRET_ACCESS, (err, user) => {
@@ -0,0 +1,17 @@
 const jwt = require('jsonwebtoken');
 //middleware to decode the JWT token
 module.exports = (req, res, next) => {
 	const authHeader = req.headers['authorization'];
 	const accessToken = authHeader?.split(' ')[1]; //'Bearer token'
 	if (!accessToken) {
 		return res.status(401).send('No access token provided');
 	}
 	const decoded = jwt.decode(accessToken);
 	req.user = decoded;
 	return next();
 };
@@ -48,6 +48,9 @@ const TokenProvider = props => {
 			//ping the auth server for a new access token
 			const response = await fetch(`${process.env.AUTH_URI}/auth/token`, {
 				method: 'POST',
 				headers: {
 					'Authorization': `Bearer ${bearer}`
 				},
 				credentials: 'include'
 			});
@@ -79,6 +82,9 @@ const TokenProvider = props => {
 	//access the refreshed token via callback
 	const tokenCallback = async (cb) => {
 		//use this?
 		let bearer = accessToken;
 		//if expired (10 minutes, normally)
 		const expired = new Date(decode(accessToken).exp) < Date.now() / 1000;
@@ -86,6 +92,9 @@ const TokenProvider = props => {
 			//ping the auth server for a new token
 			const response = await fetch(`${process.env.AUTH_URI}/auth/token`, {
 				method: 'POST',
 				headers: {
 					'Authorization': `Bearer ${bearer}`
 				},
 				credentials: 'include'
 			});
Author	SHA1	Message	Date
Ratstail91	ee705c6d43	HOTFIX: I hate everything right now	2023-12-24 07:06:20 +11:00
Ratstail91	58bc3f6b9d	HOTFIX: don't test in prod	2023-12-24 06:43:05 +11:00
Ratstail91	288e584cbd	Hotfixes all the way down	2023-12-24 05:38:27 +11:00
Ratstail91	8ab786b934	Hotfix a hotfix	2023-12-24 05:00:49 +11:00