Fix bug with invalid access token being assigned
parent
8d34bfe64f
commit
2ad7e77273
|
@ -60,18 +60,18 @@ export const POST: APIRoute = async({ request }) => {
|
|||
|
||||
const tokenString = `A.${timestamp}.${userEncoded}.${random}`;
|
||||
|
||||
// const user = locationManager.getUser(userFromDb._id);
|
||||
// if(!user) return new Response(
|
||||
// JSON.stringify({
|
||||
// code: 404,
|
||||
// message: "Not found",
|
||||
// error: `User ${data.username} not found`
|
||||
// }), { status: 404 }
|
||||
// )
|
||||
const user = locationManager.getUser(userFromDb._id);
|
||||
if(!user) return new Response(
|
||||
JSON.stringify({
|
||||
code: 404,
|
||||
message: "Not found",
|
||||
error: `User ${data.username} not found`
|
||||
}), { status: 404 }
|
||||
)
|
||||
|
||||
const accessToken: AccessToken = {
|
||||
type: "A",
|
||||
user: userFromDb,
|
||||
user,
|
||||
entropy: randomHashed.toString(),
|
||||
createdAt: now,
|
||||
expiresAt: new Date(now.getTime() + expiresIn),
|
||||
|
|
|
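Review bot: The re-enabled `if(!user)` guard answers 404 "Not found" even though `userFromDb._id` is dereferenced on the line above it, so by then the account presumably exists in the database and is only missing from `locationManager`'s in-memory state. Token issuance now depends on that state being current, which is not documented here; a comment such as `// DB record exists but locationManager has not loaded it; callers must run locationManager.init() first` would make the coupling visible. Because this is a server-side inconsistency rather than an unknown account, consider logging it and returning a 5xx status so a failed login is not mistaken for a wrong username. The handler's body starts and ends outside the hunk, so any earlier check on `userFromDb` is not visible.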
@ -41,21 +41,6 @@ if(Astro.request.method === "POST") {
|
|||
|
||||
const sessionTime = config.SESSION_TIME_MINUTES * 60;
|
||||
|
||||
const res = await fetch(`${Astro.url.origin}/api/auth/generateAccessToken`, {
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
username,
|
||||
createdFrom: 'loginForm',
|
||||
duration: sessionTime
|
||||
}),
|
||||
headers: {
|
||||
'Content-Type': 'application/json',
|
||||
'Authorization': 'Bearer ' + config.MASTER_ACCESSTOKEN
|
||||
}
|
||||
});
|
||||
|
||||
const token = (await res.json()).accessToken;
|
||||
|
||||
const galaxyIndex = Math.floor(Math.random() * 4);
|
||||
const sectorIndex = Math.floor(Math.random() * 8);
|
||||
|
||||
|
@ -93,13 +78,26 @@ if(Astro.request.method === "POST") {
|
|||
secure: true
|
||||
}
|
||||
|
||||
Astro.cookies.set("sessionToken", token, cookieOptions);
|
||||
Astro.cookies.set("username", username, cookieOptions);
|
||||
Astro.cookies.set("userid", user._id.toString() as string, cookieOptions);
|
||||
Astro.cookies.set("currentPlanet", planetData._id.toString(), cookieOptions);
|
||||
Astro.cookies.set("currentSystem", systemData._id.toString(), cookieOptions);
|
||||
|
||||
|
||||
await locationManager.init();
|
||||
const res = await fetch(`${Astro.url.origin}/api/auth/generateAccessToken`, {
|
||||
method: 'POST',
|
||||
body: JSON.stringify({
|
||||
username,
|
||||
createdFrom: 'loginForm',
|
||||
duration: sessionTime
|
||||
}),
|
||||
headers: {
|
||||
'Content-Type': 'application/json',
|
||||
'Authorization': 'Bearer ' + config.MASTER_ACCESSTOKEN
|
||||
}
|
||||
});
|
||||
const token = (await res.json()).accessToken;
|
||||
Astro.cookies.set("sessionToken", token, cookieOptions);
|
||||
|
||||
return Astro.redirect("/game");
|
||||
}
|
||||
|
|
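Review bot: The relocated token request never checks `res.ok` before `(await res.json()).accessToken` is written to the `sessionToken` cookie, so when the endpoint answers with its 404 JSON body (which has no `accessToken` field) `token` is undefined and the page still redirects to `/game`. The `username`, `userid`, `currentPlanet` and `currentSystem` cookies are set before the request, so they also persist on that failure path. Suggest reading the body once with `const body = await res.json();`, guarding with `if(!res.ok || typeof body.accessToken !== "string") return new Response(null, { status: 502 });`, and moving the other `Astro.cookies.set` calls below that guard. Separately, the request carrying `config.MASTER_ACCESSTOKEN` is sent to `Astro.url.origin`, which is presumably derived from the incoming request; a fixed base URL from config would keep the master token from following a request-supplied host. The enclosing `if` block starts outside the hunk.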