authenticator logic

2023-03-22 19:25:23 +02:00 · 2023-03-22 19:25:23 +02:00 · 636f39db5f
commit 636f39db5f
parent bf4663d307
2 changed files with 7 additions and 8 deletions
--- a/src/server/components/UserDatabase.js
+++ b/src/server/components/UserDatabase.js
@ -145,16 +145,14 @@ class UserDatabase extends UserDatabaseInterface {
        if (app) 
            return Promise.resolve(app);

-        const data = await this.db.findOne(this._appCollection, { 'token.encrypted': token });
+        const data = await this.db.findOne(this._appCollection, { token });
        if (!data) 
            return null;

-        const user = await this.fetchUser(data.user);
-        app = this._createApp(user, data);
+        app = this._createApp(data);

        if (!this.disableCache) 
            this.cache.set(app.id, app);
-        user.attachApplication(app);

        return app;

--- a/src/server/middleware/Authenticator.js
+++ b/src/server/middleware/Authenticator.js
@ -155,9 +155,9 @@ class Authenticator {
        const key = segments[segments.length - 1];

        const application = await this.userdb.matchToken(key);
-        if (application) 
-            req.user = application;
-        else {
+        if (application) {
+            req.user = application; 
+        } else {
            res.status(401).send('Unknown identity'); 
            return false;
        }
@ -179,10 +179,11 @@ class Authenticator {
        PermissionManager.ensurePermission(permission);

        const func = async (req, res, next) => {
-            const { user } = req;
            // Request does not have a user bound to it, response already sent from #_authenticate
            if (!await this.#_authenticate(req, res)) 
                return;
+            // If the authentication is done through a token, the user will be attached in the authentication step
+            const { user } = req;
            // Has permission
            if (user.hasPermission(permission, level)) 
                return next();