summary refs log tree commit diff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/util/Database.ts1
-rw-r--r--src/util/checkToken.ts3
2 files changed, 2 insertions, 2 deletions
diff --git a/src/util/Database.ts b/src/util/Database.ts

index e5323ed6..3a0f0157 100644
--- a/src/util/Database.ts
+++ b/src/util/Database.ts
@@ -2,7 +2,6 @@ import "./MongoBigInt";
 import mongoose, { Collection, Connection, LeanDocument } from "mongoose";
 import { ChangeStream, ChangeEvent, Long } from "mongodb";
 import EventEmitter from "events";
-import { Document } from "mongoose";
 const uri = process.env.MONGO_URL || "mongodb://localhost:27017/fosscord?readPreference=secondaryPreferred";
 
 // TODO: auto throw error if findOne doesn't find anything
diff --git a/src/util/checkToken.ts b/src/util/checkToken.ts

index 73ffb670..4a60195b 100644
--- a/src/util/checkToken.ts
+++ b/src/util/checkToken.ts
@@ -9,7 +9,8 @@ export function checkToken(token: string, jwtSecret: string): Promise<any> {
 
 			const user = await UserModel.findOne({ id: decoded.id }, { "user_data.valid_tokens_since": true }).exec();
 			if (!user) return rej("Invalid Token");
-			if (decoded.iat * 1000 < user.user_data.valid_tokens_since.getTime()) return rej("Invalid Token");
+			// we need to round it to seconds as it saved as seconds in jwt iat and valid_tokens_since is stored in milliseconds
+			if (decoded.iat * 1000 < user.user_data.valid_tokens_since.setSeconds(0, 0)) return rej("Invalid Token");
 			if (user.disabled) return rej("User disabled");
 			if (user.deleted) return rej("User not found");
generated by cgit-magenta 1.5.1 (git 2.48.1) at 2025-07-10 09:56:14 +0000