diff options
author | gumi <git@gumi.ca> | 2020-03-31 14:36:40 -0400 |
---|---|---|
committer | gumi <git@gumi.ca> | 2020-03-31 14:36:40 -0400 |
commit | 4d6545e66feb0e7ec53c76a3bf0247c1c3629dd4 (patch) | |
tree | 51bac6e432726a472fc5b7163f6f35c2823a565f /src/routers/vault/middlewares | |
parent | 930485dfe22db16f5b613750eb9518bb64b4fe4f (diff) | |
download | api-4d6545e66feb0e7ec53c76a3bf0247c1c3629dd4.tar.gz api-4d6545e66feb0e7ec53c76a3bf0247c1c3629dd4.tar.bz2 api-4d6545e66feb0e7ec53c76a3bf0247c1c3629dd4.tar.xz api-4d6545e66feb0e7ec53c76a3bf0247c1c3629dd4.zip |
add support for nanoid for session tokens
Diffstat (limited to 'src/routers/vault/middlewares')
-rw-r--r-- | src/routers/vault/middlewares/identity.js | 4 | ||||
-rw-r--r-- | src/routers/vault/middlewares/session.js | 7 |
2 files changed, 5 insertions, 6 deletions
diff --git a/src/routers/vault/middlewares/identity.js b/src/routers/vault/middlewares/identity.js index 14903c3..6e8be7f 100644 --- a/src/routers/vault/middlewares/identity.js +++ b/src/routers/vault/middlewares/identity.js @@ -1,9 +1,9 @@ "use strict"; -const uuidv4 = require("uuid/v4"); const nodemailer = require("nodemailer"); const Claim = require("../utils/claim.js"); const validate = require("../utils/validate.js"); const Identity = require("../types/Identity.js"); +const Session = require("../types/Session.js"); let transporter = nodemailer.createTransport({ sendmail: true, @@ -181,7 +181,7 @@ const add_identity = async (req, res, next) => { let uuid; do { // avoid collisions - uuid = uuidv4(); + uuid = await Session.generateToken(); } while (req.app.locals.session.get(uuid)); req.app.locals.identity_pending.set(uuid, { diff --git a/src/routers/vault/middlewares/session.js b/src/routers/vault/middlewares/session.js index 1c322e4..71db21c 100644 --- a/src/routers/vault/middlewares/session.js +++ b/src/routers/vault/middlewares/session.js @@ -1,5 +1,4 @@ "use strict"; -const uuidv4 = require("uuid/v4"); const nodemailer = require("nodemailer"); const Claim = require("../utils/claim.js"); const Session = require("../types/Session.js"); @@ -221,7 +220,7 @@ const auth_session = async (req, res) => { } // immediately change the session uuid - const new_uuid = uuidv4(); + const new_uuid = await Session.generateToken(); req.app.locals.session.set(new_uuid, session); req.app.locals.session.delete(token); // revoke the old uuid @@ -253,7 +252,7 @@ const new_session = async (req, res, next) => { // account creation request let uuid; do { // avoid collisions - uuid = uuidv4(); + uuid = await Session.generateToken(); } while (req.app.locals.session.get(uuid)); const session = new Session(req.ip, email); @@ -344,7 +343,7 @@ const new_session = async (req, res, next) => { let uuid; do { // avoid collisions - uuid = uuidv4(); + uuid = await Session.generateToken(); } while (req.app.locals.session.get(uuid)); const session = new Session(req.ip, email); |