summary refs log tree commit diff
path: root/rtc/src/util/checkToken.ts
diff options
context:
space:
mode:
Diffstat (limited to 'rtc/src/util/checkToken.ts')
-rw-r--r--rtc/src/util/checkToken.ts24
1 files changed, 24 insertions, 0 deletions
diff --git a/rtc/src/util/checkToken.ts b/rtc/src/util/checkToken.ts
new file mode 100644
index 00000000..91bf08d5
--- /dev/null
+++ b/rtc/src/util/checkToken.ts
@@ -0,0 +1,24 @@
+import { JWTOptions } from "./Constants";
+import jwt from "jsonwebtoken";
+import { UserModel } from "../models";
+
+export function checkToken(token: string, jwtSecret: string): Promise<any> {
+	return new Promise((res, rej) => {
+		token = token.replace("Bot ", ""); // TODO: proper bot support
+		jwt.verify(token, jwtSecret, JWTOptions, async (err, decoded: any) => {
+			if (err || !decoded) return rej("Invalid Token");
+
+			const user = await UserModel.findOne(
+				{ id: decoded.id },
+				{ "user_data.valid_tokens_since": true, bot: true, disabled: true, deleted: true }
+			).exec();
+			if (!user) return rej("Invalid Token");
+			// we need to round it to seconds as it saved as seconds in jwt iat and valid_tokens_since is stored in milliseconds
+			if (decoded.iat * 1000 < user.user_data.valid_tokens_since.setSeconds(0, 0)) return rej("Invalid Token");
+			if (user.disabled) return rej("User disabled");
+			if (user.deleted) return rej("User not found");
+
+			return res({ decoded, user });
+		});
+	});
+}
generated by cgit-pink 1.4.1 (git 2.36.1) at 2024-11-14 17:08:17 +0000