Fix bug with invalid access token being assigned
parent
8d34bfe64f
commit
2ad7e77273
|
@ -60,18 +60,18 @@ export const POST: APIRoute = async({ request }) => {
|
||||||
|
|
||||||
const tokenString = `A.${timestamp}.${userEncoded}.${random}`;
|
const tokenString = `A.${timestamp}.${userEncoded}.${random}`;
|
||||||
|
|
||||||
// const user = locationManager.getUser(userFromDb._id);
|
const user = locationManager.getUser(userFromDb._id);
|
||||||
// if(!user) return new Response(
|
if(!user) return new Response(
|
||||||
// JSON.stringify({
|
JSON.stringify({
|
||||||
// code: 404,
|
code: 404,
|
||||||
// message: "Not found",
|
message: "Not found",
|
||||||
// error: `User ${data.username} not found`
|
error: `User ${data.username} not found`
|
||||||
// }), { status: 404 }
|
}), { status: 404 }
|
||||||
// )
|
)
|
||||||
|
|
||||||
const accessToken: AccessToken = {
|
const accessToken: AccessToken = {
|
||||||
type: "A",
|
type: "A",
|
||||||
user: userFromDb,
|
user,
|
||||||
entropy: randomHashed.toString(),
|
entropy: randomHashed.toString(),
|
||||||
createdAt: now,
|
createdAt: now,
|
||||||
expiresAt: new Date(now.getTime() + expiresIn),
|
expiresAt: new Date(now.getTime() + expiresIn),
|
||||||
|
|
|
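Review bot: The re-enabled `if(!user)` branch answers 404 "Not found" for an account that the earlier lookup apparently did find, since `userFromDb._id` is dereferenced to make the call. A miss at this point means locationManager's in-memory state does not hold the user, which is a server-side condition. Reporting it as a client 404 with `User ${data.username} not found` will mislead callers and hide the failure. Consider logging it and returning a 5xx (for example `{ status: 503 }` with a message that names the missing state), and add a comment above `const user = locationManager.getUser(userFromDb._id);` saying why the token must carry the locationManager object rather than `userFromDb`. The handler starts and ends outside this hunk, so whether locationManager is initialised in this route cannot be confirmed from here.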
@ -41,21 +41,6 @@ if(Astro.request.method === "POST") {
|
||||||
|
|
||||||
const sessionTime = config.SESSION_TIME_MINUTES * 60;
|
const sessionTime = config.SESSION_TIME_MINUTES * 60;
|
||||||
|
|
||||||
const res = await fetch(`${Astro.url.origin}/api/auth/generateAccessToken`, {
|
|
||||||
method: 'POST',
|
|
||||||
body: JSON.stringify({
|
|
||||||
username,
|
|
||||||
createdFrom: 'loginForm',
|
|
||||||
duration: sessionTime
|
|
||||||
}),
|
|
||||||
headers: {
|
|
||||||
'Content-Type': 'application/json',
|
|
||||||
'Authorization': 'Bearer ' + config.MASTER_ACCESSTOKEN
|
|
||||||
}
|
|
||||||
});
|
|
||||||
|
|
||||||
const token = (await res.json()).accessToken;
|
|
||||||
|
|
||||||
const galaxyIndex = Math.floor(Math.random() * 4);
|
const galaxyIndex = Math.floor(Math.random() * 4);
|
||||||
const sectorIndex = Math.floor(Math.random() * 8);
|
const sectorIndex = Math.floor(Math.random() * 8);
|
||||||
|
|
||||||
|
@ -93,13 +78,26 @@ if(Astro.request.method === "POST") {
|
||||||
secure: true
|
secure: true
|
||||||
}
|
}
|
||||||
|
|
||||||
Astro.cookies.set("sessionToken", token, cookieOptions);
|
|
||||||
Astro.cookies.set("username", username, cookieOptions);
|
Astro.cookies.set("username", username, cookieOptions);
|
||||||
Astro.cookies.set("userid", user._id.toString() as string, cookieOptions);
|
Astro.cookies.set("userid", user._id.toString() as string, cookieOptions);
|
||||||
Astro.cookies.set("currentPlanet", planetData._id.toString(), cookieOptions);
|
Astro.cookies.set("currentPlanet", planetData._id.toString(), cookieOptions);
|
||||||
Astro.cookies.set("currentSystem", systemData._id.toString(), cookieOptions);
|
Astro.cookies.set("currentSystem", systemData._id.toString(), cookieOptions);
|
||||||
|
|
||||||
await locationManager.init();
|
await locationManager.init();
|
||||||
|
const res = await fetch(`${Astro.url.origin}/api/auth/generateAccessToken`, {
|
||||||
|
method: 'POST',
|
||||||
|
body: JSON.stringify({
|
||||||
|
username,
|
||||||
|
createdFrom: 'loginForm',
|
||||||
|
duration: sessionTime
|
||||||
|
}),
|
||||||
|
headers: {
|
||||||
|
'Content-Type': 'application/json',
|
||||||
|
'Authorization': 'Bearer ' + config.MASTER_ACCESSTOKEN
|
||||||
|
}
|
||||||
|
});
|
||||||
|
const token = (await res.json()).accessToken;
|
||||||
|
Astro.cookies.set("sessionToken", token, cookieOptions);
|
||||||
|
|
||||||
return Astro.redirect("/game");
|
return Astro.redirect("/game");
|
||||||
}
|
}
|
||||||
|
|
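Review bot: The relocated token request still uses the response unchecked: `const token = (await res.json()).accessToken;` is followed directly by `Astro.cookies.set("sessionToken", token, cookieOptions);` and the redirect to `/game`. When the endpoint answers with an error body (its 404 JSON carries `code`, `message` and `error` but no `accessToken`), `token` is `undefined`, yet the `username` and `userid` cookies have already been written and the user is sent on as if logged in. Test `if(!res.ok || typeof token !== "string")` before any cookie is set and fail the login in that branch, moving the identity cookie writes below the check. Separately, the request sends `config.MASTER_ACCESSTOKEN` to `Astro.url.origin`; if that origin is derived from the request's Host header in this deployment, a fixed internal base URL from config would keep the credential from following a client-supplied host. The enclosing `if(Astro.request.method === "POST")` block starts outside the hunk.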