authorFlam3rboy <34555296+Flam3rboy@users.noreply.github.com>2021-05-24 19:32:35 +0200
committerFlam3rboy <34555296+Flam3rboy@users.noreply.github.com>2021-05-24 19:32:35 +0200
commit1ba36abdf07dd32514d1adae1669b842dcb55a06 (patch)
tree873e816483b7a75b32860ca97f0f87c8d56c9394 /src/util
parent1.3.1 (diff)
downloadserver-1ba36abdf07dd32514d1adae1669b842dcb55a06.tar.xz
additional token checks: user disabled/deleted or if the token was revoked
Diffstat (limited to 'src/util')
-rw-r--r--src/util/checkToken.ts9
1 files changed, 8 insertions, 1 deletions
diff --git a/src/util/checkToken.ts b/src/util/checkToken.ts
index 80896de7..1a52b5b9 100644
--- a/src/util/checkToken.ts
+++ b/src/util/checkToken.ts
@@ -1,11 +1,18 @@
 import { JWTOptions } from "./Constants";
 import jwt from "jsonwebtoken";
+import { UserModel } from "../models";
 
 export function checkToken(token: string, jwtSecret: string): Promise<any> {
 	return new Promise((res, rej) => {
-		jwt.verify(token, jwtSecret, JWTOptions, (err, decoded: any) => {
+		jwt.verify(token, jwtSecret, JWTOptions, async (err, decoded: any) => {
 			if (err || !decoded) return rej("Invalid Token");
 
+			const user = await UserModel.findOne({ id: decoded.id }, { "user_data.valid_tokens_since": true }).exec();
+			if (!user) return rej("User not found");
+			if (decoded.iat * 1000 < user.user_data.valid_tokens_since.getTime()) return rej("Invalid Token");
+			if (user.disabled) return rej("User disabled");
+			if (user.deleted) return rej("User not found");
+
 			return res(decoded);
 		});
 	});
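Review bot: The projection passed to `findOne` in the added lookup selects only `user_data.valid_tokens_since`, so if `UserModel` is a Mongoose model (the `.exec()` suggests it is) `user.disabled` and `user.deleted` are never loaded and the two checks after it cannot reject a disabled or deleted account; widen it to `{ "user_data.valid_tokens_since": true, disabled: true, deleted: true }`. The `jwt.verify` callback is now `async` with no error handling, so a failed query or a user document lacking `user_data.valid_tokens_since` throws inside the callback and the outer promise never settles; wrap the added lines in `try { … } catch (e) { return rej("Invalid Token"); }`. The revocation comparison also fails open when `decoded.iat` is absent, because `undefined * 1000` is NaN and the `<` evaluates to false; add `if (typeof decoded.iat !== "number") return rej("Invalid Token");` before it. The closing brace of `checkToken` lies outside this hunk.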