mirror of
https://github.com/spacebarchat/server.git
synced 2024-11-14 06:32:36 +01:00
additional token checks: user disabled/deleted or if the token was revoked
This commit is contained in:
parent
6fcb63bf81
commit
1ba36abdf0
@ -27,6 +27,8 @@ export interface User {
|
|||||||
mfa_enabled: boolean; // if multi factor authentication is enabled
|
mfa_enabled: boolean; // if multi factor authentication is enabled
|
||||||
created_at: Date; // registration date
|
created_at: Date; // registration date
|
||||||
verified: boolean; // if the user is offically verified
|
verified: boolean; // if the user is offically verified
|
||||||
|
disabled: boolean; // if the account is disabled
|
||||||
|
deleted: boolean; // if the user was deleted
|
||||||
email: string | null; // email of the user
|
email: string | null; // email of the user
|
||||||
flags: bigint; // UserFlags
|
flags: bigint; // UserFlags
|
||||||
public_flags: bigint;
|
public_flags: bigint;
|
||||||
@ -141,6 +143,8 @@ export const UserSchema = new Schema({
|
|||||||
mfa_enabled: Boolean,
|
mfa_enabled: Boolean,
|
||||||
created_at: Date,
|
created_at: Date,
|
||||||
verified: Boolean,
|
verified: Boolean,
|
||||||
|
disabled: Boolean,
|
||||||
|
deleted: Boolean,
|
||||||
email: String,
|
email: String,
|
||||||
flags: { type: String, get: toBigInt }, // TODO: automatically convert Types.Long to BitField of UserFlags
|
flags: { type: String, get: toBigInt }, // TODO: automatically convert Types.Long to BitField of UserFlags
|
||||||
public_flags: { type: String, get: toBigInt },
|
public_flags: { type: String, get: toBigInt },
|
||||||
|
@ -1,11 +1,18 @@
|
|||||||
import { JWTOptions } from "./Constants";
|
import { JWTOptions } from "./Constants";
|
||||||
import jwt from "jsonwebtoken";
|
import jwt from "jsonwebtoken";
|
||||||
|
import { UserModel } from "../models";
|
||||||
|
|
||||||
export function checkToken(token: string, jwtSecret: string): Promise<any> {
|
export function checkToken(token: string, jwtSecret: string): Promise<any> {
|
||||||
return new Promise((res, rej) => {
|
return new Promise((res, rej) => {
|
||||||
jwt.verify(token, jwtSecret, JWTOptions, (err, decoded: any) => {
|
jwt.verify(token, jwtSecret, JWTOptions, async (err, decoded: any) => {
|
||||||
if (err || !decoded) return rej("Invalid Token");
|
if (err || !decoded) return rej("Invalid Token");
|
||||||
|
|
||||||
|
const user = await UserModel.findOne({ id: decoded.id }, { "user_data.valid_tokens_since": true }).exec();
|
||||||
|
if (!user) return rej("User not found");
|
||||||
|
if (decoded.iat * 1000 < user.user_data.valid_tokens_since.getTime()) return rej("Invalid Token");
|
||||||
|
if (user.disabled) return rej("User disabled");
|
||||||
|
if (user.deleted) return rej("User not found");
|
||||||
|
|
||||||
return res(decoded);
|
return res(decoded);
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
Loading…
Reference in New Issue
Block a user