mirror of https://github.com/spacebarchat/server.git synced 2024-11-14 06:32:36 +01:00

additional token checks: user disabled/deleted or if the token was revoked

Flam3rboy 2021-05-24 19:32:35 +02:00
parent 6fcb63bf81
commit 1ba36abdf0
2 changed files with 12 additions and 1 deletions


@ -27,6 +27,8 @@ export interface User {
mfa_enabled: boolean; // if multi factor authentication is enabled mfa_enabled: boolean; // if multi factor authentication is enabled
created_at: Date; // registration date created_at: Date; // registration date
verified: boolean; // if the user is offically verified verified: boolean; // if the user is offically verified
disabled: boolean; // if the account is disabled
deleted: boolean; // if the user was deleted
email: string | null; // email of the user email: string | null; // email of the user
flags: bigint; // UserFlags flags: bigint; // UserFlags
public_flags: bigint; public_flags: bigint;
@ -141,6 +143,8 @@ export const UserSchema = new Schema({
mfa_enabled: Boolean, mfa_enabled: Boolean,
created_at: Date, created_at: Date,
verified: Boolean, verified: Boolean,
disabled: Boolean,
deleted: Boolean,
email: String, email: String,
flags: { type: String, get: toBigInt }, // TODO: automatically convert Types.Long to BitField of UserFlags flags: { type: String, get: toBigInt }, // TODO: automatically convert Types.Long to BitField of UserFlags
public_flags: { type: String, get: toBigInt }, public_flags: { type: String, get: toBigInt },
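Review bot: The two new paths in the `UserSchema` hunk have no default, so user documents written before this commit will read back `disabled` and `deleted` as undefined even though the `User` interface declares them as non-optional `boolean`. A truthiness test treats undefined as "not disabled", which keeps old accounts working, but a strict comparison such as `=== false` or a query filtering on `disabled: false` would misjudge those accounts. Consider `disabled: { type: Boolean, default: false },` and `deleted: { type: Boolean, default: false },`, and extend the interface comments to say that tokens for such accounts are rejected. Both the interface and the schema continue outside the hunks.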


@ -1,11 +1,18 @@
import { JWTOptions } from "./Constants"; import { JWTOptions } from "./Constants";
import jwt from "jsonwebtoken"; import jwt from "jsonwebtoken";
import { UserModel } from "../models";
export function checkToken(token: string, jwtSecret: string): Promise<any> { export function checkToken(token: string, jwtSecret: string): Promise<any> {
return new Promise((res, rej) => { return new Promise((res, rej) => {
jwt.verify(token, jwtSecret, JWTOptions, (err, decoded: any) => { jwt.verify(token, jwtSecret, JWTOptions, async (err, decoded: any) => {
if (err || !decoded) return rej("Invalid Token"); if (err || !decoded) return rej("Invalid Token");
const user = await UserModel.findOne({ id: decoded.id }, { "user_data.valid_tokens_since": true }).exec();
if (!user) return rej("User not found");
if (decoded.iat * 1000 < user.user_data.valid_tokens_since.getTime()) return rej("Invalid Token");
if (user.disabled) return rej("User disabled");
if (user.deleted) return rej("User not found");
return res(decoded); return res(decoded);
}); });
}); });
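Review bot: The `findOne` projection on the new lookup selects only `user_data.valid_tokens_since`, so with an inclusion projection `user.disabled` and `user.deleted` come back undefined and the two account-state checks after it never reject; a token for a disabled or deleted account would still be accepted. Both fields need to be added to the projection. Separately, the `jwt.verify` callback is now `async` but nothing catches a failure inside it: if the query rejects, or `valid_tokens_since` is absent on an older document (not visible here), the outer promise never settles and the rejection goes unhandled, so the lookup and checks should sit in a `try`/`catch` that calls `rej`. The closing lines of `checkToken` are not visible in this section.

```typescript
jwt.verify(token, jwtSecret, JWTOptions, async (err, decoded: any) => {
	if (err || !decoded) return rej("Invalid Token");
	try {
		const user = await UserModel.findOne(
			{ id: decoded.id },
			{ "user_data.valid_tokens_since": true, disabled: true, deleted: true }
		).exec();
		// … unchanged: user-not-found, valid_tokens_since, disabled and deleted checks …
		return res(decoded);
	} catch (e) {
		// a failed lookup or malformed document must settle the promise, not hang the request
		return rej("Invalid Token");
	}
```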