authorPuyodead1 <puyodead@proton.me>2023-01-31 09:15:18 -0500
committerPuyodead1 <puyodead@protonmail.com>2023-02-23 22:49:55 -0500
commit1aba7d591cf6641c77571c8ce46e036021502152 (patch)
tree638e6545cd26ab461bbca60fa1f290c3a223a882 /src/api
parentfix: verification required for login not working correctly (diff)
downloadserver-1aba7d591cf6641c77571c8ce46e036021502152.tar.xz
fix: email verification
Diffstat (limited to 'src/api')
-rw-r--r--src/api/routes/auth/verify/index.ts28
-rw-r--r--src/api/routes/auth/verify/resend.ts2
2 files changed, 15 insertions, 15 deletions
diff --git a/src/api/routes/auth/verify/index.ts b/src/api/routes/auth/verify/index.ts
index 14cc3f95..91ff9b93 100644
--- a/src/api/routes/auth/verify/index.ts
+++ b/src/api/routes/auth/verify/index.ts
@@ -17,11 +17,21 @@
 */
 
 import { route, verifyCaptcha } from "@fosscord/api";
-import { checkToken, Config, FieldErrors, User } from "@fosscord/util";
+import { checkToken, Config, generateToken, User } from "@fosscord/util";
 import { Request, Response, Router } from "express";
 import { HTTPError } from "lambert-server";
 const router = Router();
 
+async function getToken(user: User) {
+	const token = await generateToken(user.id);
+
+	// Notice this will have a different token structure, than discord
+	// Discord header is just the user id as string, which is not possible with npm-jsonwebtoken package
+	// https://user-images.githubusercontent.com/6506416/81051916-dd8c9900-8ec2-11ea-8794-daf12d6f31f0.png
+
+	return { token };
+}
+
 router.post(
 	"/",
 	route({ body: "VerifyEmailSchema" }),
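Review bot: `getToken` has no doc comment or return type, and the only comment in it (about Discord's token structure) sits between the `generateToken` call and the `return` without saying what the helper is for. Since this helper is what hands a credential back from the verify route, state that at the top, e.g. `/** Issues a token for a user whose email verification token was accepted; the response body is { token }. */`, and move the token-structure remark into that comment. An explicit return type would also help, but the right one depends on what `generateToken` resolves to, which is not visible here. The `router.post` call that follows continues outside this hunk.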
@@ -43,23 +53,13 @@ router.post(
 		try {
 			const { jwtSecret } = Config.get().security;
 
-			const { decoded, user } = await checkToken(token, jwtSecret);
-
-			// toksn should last for 24 hours from the time they were issued
-			if (new Date().getTime() > decoded.iat * 1000 + 86400 * 1000) {
-				throw FieldErrors({
-					token: {
-						code: "TOKEN_INVALID",
-						message: "Invalid token", // TODO: add translation
-					},
-				});
-			}
+			const { user } = await checkToken(token, jwtSecret, true);
 
-			if (user.verified) return res.send(user);
+			if (user.verified) return res.json(await getToken(user));
 
 			await User.update({ id: user.id }, { verified: true });
 
-			return res.send(user);
+			return res.json(await getToken(user));
 		} catch (error) {
 			throw new HTTPError((error as Error).toString(), 400);
 		}
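Review bot: The branch `if (user.verified) return res.json(await getToken(user));` issues a fresh token every time an already-used verification token is presented, so the emailed link acts as a replayable credential for as long as `checkToken` accepts it. With the explicit 24-hour `iat` check removed, that lifetime depends entirely on what `checkToken(token, jwtSecret, true)` enforces, which is not visible in this hunk; please confirm it still rejects expired verification tokens and does not accept an ordinary session token on this route. Consider making the verification token single-use, for example `if (user.verified) throw new HTTPError("Email is already verified", 400);`, if clients do not depend on the current behaviour. The route handler starts and ends outside this hunk.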
diff --git a/src/api/routes/auth/verify/resend.ts b/src/api/routes/auth/verify/resend.ts
index d9a9cda5..a798a3d9 100644
--- a/src/api/routes/auth/verify/resend.ts
+++ b/src/api/routes/auth/verify/resend.ts
@@ -25,7 +25,7 @@ const router = Router();
 router.post("/", route({}), async (req: Request, res: Response) => {
 	const user = await User.findOneOrFail({
 		where: { id: req.user_id },
-		select: ["email"],
+		select: ["username", "email"],
 	});
 
 	if (!user.email) {