summary refs log tree commit diff
path: root/src
diff options
context:
space:
mode:
authorFlam3rboy <34555296+Flam3rboy@users.noreply.github.com>2021-05-24 19:32:35 +0200
committerFlam3rboy <34555296+Flam3rboy@users.noreply.github.com>2021-05-24 19:32:35 +0200
commit1ba36abdf07dd32514d1adae1669b842dcb55a06 (patch)
tree873e816483b7a75b32860ca97f0f87c8d56c9394 /src
parent1.3.1 (diff)
downloadserver-1ba36abdf07dd32514d1adae1669b842dcb55a06.tar.xz
additional token checks: user disabled/deleted or if the token was revoked
Diffstat (limited to 'src')
-rw-r--r--src/models/User.ts4


-rw-r--r--src/util/checkToken.ts9


2 files changed, 12 insertions, 1 deletions
diff --git a/src/models/User.ts b/src/models/User.ts

index 2b4f43b9..e4586088 100644
--- a/src/models/User.ts
+++ b/src/models/User.ts
@@ -27,6 +27,8 @@ export interface User {
 	mfa_enabled: boolean; // if multi factor authentication is enabled
 	created_at: Date; // registration date
 	verified: boolean; // if the user is offically verified
+	disabled: boolean; // if the account is disabled
+	deleted: boolean; // if the user was deleted
 	email: string | null; // email of the user
 	flags: bigint; // UserFlags
 	public_flags: bigint;
@@ -141,6 +143,8 @@ export const UserSchema = new Schema({
 	mfa_enabled: Boolean,
 	created_at: Date,
 	verified: Boolean,
+	disabled: Boolean,
+	deleted: Boolean,
 	email: String,
 	flags: { type: String, get: toBigInt }, // TODO: automatically convert Types.Long to BitField of UserFlags
 	public_flags: { type: String, get: toBigInt },
diff --git a/src/util/checkToken.ts b/src/util/checkToken.ts

index 80896de7..1a52b5b9 100644
--- a/src/util/checkToken.ts
+++ b/src/util/checkToken.ts
@@ -1,11 +1,18 @@
 import { JWTOptions } from "./Constants";
 import jwt from "jsonwebtoken";
+import { UserModel } from "../models";
 
 export function checkToken(token: string, jwtSecret: string): Promise<any> {
 	return new Promise((res, rej) => {
-		jwt.verify(token, jwtSecret, JWTOptions, (err, decoded: any) => {
+		jwt.verify(token, jwtSecret, JWTOptions, async (err, decoded: any) => {
 			if (err || !decoded) return rej("Invalid Token");
 
+			const user = await UserModel.findOne({ id: decoded.id }, { "user_data.valid_tokens_since": true }).exec();
+			if (!user) return rej("User not found");
+			if (decoded.iat * 1000 < user.user_data.valid_tokens_since.getTime()) return rej("Invalid Token");
+			if (user.disabled) return rej("User disabled");
+			if (user.deleted) return rej("User not found");
+
 			return res(decoded);
 		});
 	});

 

generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-07-04 06:55:26 +0000