diff --git a/src/middlewares/Authentication.ts b/src/middlewares/Authentication.ts
index 0ecc1bc0..050c427f 100644
--- a/src/middlewares/Authentication.ts
+++ b/src/middlewares/Authentication.ts
@@ -1,6 +1,7 @@
import { NextFunction, Request, Response } from "express";
import { HTTPError } from "lambert-server";
import { checkToken } from "@fosscord/server-util";
+import * as Config from "../util/Config"
export const NO_AUTHORIZATION_ROUTES = [
"/api/v8/auth/login",
@@ -27,7 +28,10 @@ export async function Authentication(req: Request, res: Response, next: NextFunc
// TODO: check if user is banned/token expired
try {
- const decoded: any = await checkToken(req.headers.authorization);
+
+ const { jwtSecret } = Config.apiConfig.getAll().security;
+
+ const decoded: any = await checkToken(req.headers.authorization, jwtSecret);
req.token = decoded;
req.user_id = decoded.id;
diff --git a/src/middlewares/GlobalRateLimit.ts b/src/middlewares/GlobalRateLimit.ts
index fc121911..38098981 100644
--- a/src/middlewares/GlobalRateLimit.ts
+++ b/src/middlewares/GlobalRateLimit.ts
@@ -1,5 +1,6 @@
import { NextFunction, Request, Response } from "express";
-import Config from "../util/Config";
+import * as Config from '../util/Config'
+import crypto from "crypto";
// TODO: use mongodb ttl index
// TODO: increment count on serverside
@@ -43,7 +44,7 @@ export async function GlobalRateLimit(req: Request, res: Response, next: NextFun
}
export function getIpAdress(req: Request): string {
- const { forwadedFor } = Config.get().security;
+ const { forwadedFor } = Config.apiConfig.getAll().security;
const ip = forwadedFor ? <string>req.headers[forwadedFor] : req.ip;
return ip.replaceAll(".", "_").replaceAll(":", "_");
}
|
