adapt-authoring-auth 1.1.0 → 1.2.0
- package/lib/AuthToken.js +5 -4
- package/package.json +1 -1
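--- a/package/lib/AuthToken.js
+++ b/package/lib/AuthToken.js
@@ -41,10 +41,11 @@ class AuthToken {
 const token = await this.decode(req.auth.header.value)
 const [auth, mongodb, roles, users] = await App.instance.waitForModule('auth', 'mongodb', 'roles', 'users')
 const [user] = await users.find({ email: token.sub })
-const authPlugin = auth.authentication.plugins[user.authType]
 if (!user) {
 throw App.instance.errors.UNAUTHENTICATED
 }
+const authPlugin = auth.authentication.plugins[user.authType]
+
 if (!user.isEnabled) {
 throw App.instance.errors.ACCOUNT_DISABLED
 }
@@ -116,11 +117,11 @@ class AuthToken {
 case 'NotBeforeError':
 throw App.instance.errors.AUTH_TOKEN_NOT_BEFORE.setData({ error: e.message })
 case 'TokenExpiredError':
+try { await this.revoke({ signature: this.getSignature(token) }) } catch {}
 throw App.instance.errors.AUTH_TOKEN_EXPIRED
+default:
+throw App.instance.errors.AUTH_TOKEN_INVALID.setData({ error: e.message })
 }
-try {
-await this.revoke(tokenData)
-} catch {} // revoke the token if it exists
 }
 if (!tokenData.sub) {
 throw App.instance.errors.INVALID_PARAMS.setData({ params: ['sub'] })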
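Review bot: The one-line `try { await this.revoke({ signature: this.getSignature(token) }) } catch {}` under `case 'TokenExpiredError'` discards every failure, including an exception thrown by `getSignature` itself, so an expired token whose stored record could not be removed leaves no trace for operators. The removed code carried a comment stating the best-effort intent, and the new line has none; keeping it best-effort is reasonable, but the catch should record the failure, e.g. `catch (revokeErr) { /* best-effort cleanup of the expired token; log revokeErr */ }`, using whatever logger this module already has (not visible here). Separately, the new `default:` branch passes the verifier's `e.message` to `setData`, matching the `NotBeforeError` branch; it is worth confirming that this data is not returned verbatim to unauthenticated callers. The enclosing method starts and ends outside the hunk.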
package/package.json
CHANGED