HOTFIX: how long was this broken?

HOTFIX: I hate everything right now
HOTFIX: don't test in prod
2024-01-01 11:57:43 +11:00 · 2023-12-24 07:06:20 +11:00 · 2023-12-24 06:43:05 +11:00
5 changed files with 16 additions and 11 deletions
@@ -1,12 +1,12 @@
 {
  "name": "auth-server",
-  "version": "1.8.3",
+  "version": "1.8.6",
  "lockfileVersion": 3,
  "requires": true,
  "packages": {
    "": {
      "name": "auth-server",
-      "version": "1.8.3",
+      "version": "1.8.6",
      "license": "ISC",
      "dependencies": {
        "bcryptjs": "^2.4.3",
@@ -1,6 +1,6 @@
 {
  "name": "auth-server",
-  "version": "1.8.3",
+  "version": "1.8.6",
  "description": "An API centric auth server. Uses Sequelize and mariaDB by default.",
  "main": "server/server.js",
  "scripts": {
@@ -27,7 +27,7 @@ router.use(tokenDecode);
 router.use(async (req, res, next) => {
 	const record = await accounts.findOne({
 		where: {
-			email: req.user.email || ''
+			email: req.user?.email || ''
 		}
 	});

@@ -9,13 +9,9 @@ module.exports = (req, res, next) => {
 		return res.status(401).send('No access token provided');
 	}

-	return jwt.decode(accessToken, process.env.SECRET_ACCESS, (err, user) => {
-		if (err) {
-			return res.status(403).send(err);
-		}
+	const decoded = jwt.decode(accessToken);

-		req.user = user;
+	req.user = decoded;

-		return next();
-	});
+	return next();
 };
@@ -48,6 +48,9 @@ const TokenProvider = props => {
 			//ping the auth server for a new access token
 			const response = await fetch(`${process.env.AUTH_URI}/auth/token`, {
 				method: 'POST',
+				headers: {
+					'Authorization': `Bearer ${bearer}`
+				},
 				credentials: 'include'
 			});

@@ -79,6 +82,9 @@ const TokenProvider = props => {

 	//access the refreshed token via callback
 	const tokenCallback = async (cb) => {
+		//use this?
+		let bearer = accessToken;
+
 		//if expired (10 minutes, normally)
 		const expired = new Date(decode(accessToken).exp) < Date.now() / 1000;

@@ -86,6 +92,9 @@ const TokenProvider = props => {
 			//ping the auth server for a new token
 			const response = await fetch(`${process.env.AUTH_URI}/auth/token`, {
 				method: 'POST',
+				headers: {
+					'Authorization': `Bearer ${bearer}`
+				},
 				credentials: 'include'
 			});
Author	SHA1	Message	Date
Ratstail91	7429c4a1ee	HOTFIX: how long was this broken?	2024-01-01 11:57:43 +11:00
Ratstail91	ee705c6d43	HOTFIX: I hate everything right now	2023-12-24 07:06:20 +11:00
Ratstail91	58bc3f6b9d	HOTFIX: don't test in prod	2023-12-24 06:43:05 +11:00