From 761330e9b6c19e8b53b3fad875a677be93aeb6b2 Mon Sep 17 00:00:00 2001 From: Paul Bienkowski Date: Tue, 24 Nov 2020 00:37:04 +0100 Subject: [PATCH] refactor: rename req.payload to req.authInfo to be less confusing --- routes/auth.js | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/routes/auth.js b/routes/auth.js index 023c2cf..9e5a6ea 100644 --- a/routes/auth.js +++ b/routes/auth.js @@ -15,7 +15,7 @@ function getTokenFromHeader(req) { const jwtOptional = jwt({ secret: secret, - userProperty: 'payload', + userProperty: 'authInfo', credentialsRequired: false, getToken: getTokenFromHeader, algorithms: ['HS256'], @@ -27,19 +27,20 @@ async function getUserIdMiddleware(req, res, next) { const [tokenType, token] = (authorization && authorization.split(' ')) || []; if (tokenType === 'Token' || tokenType === 'Bearer') { + // only parse the token as jwt if it looks like one, otherwise we get an error return jwtOptional(req, res, next); } else if (tokenType === 'OBSUserId') { - req.payload = { id: token.trim() }; + req.authInfo = { id: token.trim() }; next(); } else if (!authorization && req.body && req.body.id && req.body.id.length === 24) { const user = await User.findById(req.body.id); if (user) { - req.payload = { id: user.id }; + req.authInfo = { id: user.id }; req.user = user; } next(); } else { - req.payload = null; + req.authInfo = null; next(); } } catch (err) { @@ -49,8 +50,8 @@ async function getUserIdMiddleware(req, res, next) { async function loadUserMiddleware(req, res, next) { try { - if (req.payload && req.payload.id) { - req.user = await User.findById(req.payload.id); + if (req.authInfo && req.authInfo.id) { + req.user = await User.findById(req.authInfo.id); if (!req.user) { return res.sendStatus(401); @@ -65,7 +66,7 @@ async function loadUserMiddleware(req, res, next) { module.exports = { required(req, res, next) { - if (!req.payload) { + if (!req.authInfo) { return res.sendStatus(403); } else { return next();