TheCloud/PronounsPage
1
0
Fork 0
mirror of https://gitlab.com/PronounsPage/PronounsPage.git synced 2025-09-18 03:55:30 -04:00
Code Issues Packages Projects Releases Wiki Activity

(auth)(bug) fix account switch validation might randomly switch to other authenticated account

Browse Source
This commit is contained in:
Andrea Vos 2023-07-14 01:22:00 +02:00
parent 990e8a8b0d
commit a37623f838
2 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
components/AccountSwitch.vue
View File

@ -59,7 +59,7 @@ export default {
async validateAccounts() { async validateAccounts() {
for (let [username, {token}] of Object.entries(this.accounts)) { for (let [username, {token}] of Object.entries(this.accounts)) {
try { try {
const user = await this.$axios.$get(`/user/current`, { const user = await this.$axios.$get(`/user/current?no_cookie`, {
headers: { headers: {
authorization: 'Bearer ' + token, authorization: 'Bearer ' + token,
}, },

8
server/routes/user.js
View File

@ -298,7 +298,9 @@ router.use(handleErrorAsync(reloadUser));
export const loadCurrentUser = async (req, res) => { export const loadCurrentUser = async (req, res) => {
if (!req.user) { if (!req.user) {
res.clearCookie('token'); if (req.query.no_cookie === undefined) {
res.clearCookie('token');
}
return res.json(null); return res.json(null);
} }
@ -312,7 +314,9 @@ export const loadCurrentUser = async (req, res) => {
delete dbUser.timesheets; delete dbUser.timesheets;
const token = await issueAuthentication(req.db, dbUser, false); const token = await issueAuthentication(req.db, dbUser, false);
res.cookie('token', token, cookieSettings); if (req.query.no_cookie === undefined) {
res.cookie('token', token, cookieSettings);
}
req.rawUser = jwt.validate(token); req.rawUser = jwt.validate(token);
req.user = req.rawUser; req.user = req.rawUser;