refactor: pass less data into user object

2025-01-18 17:21:33 +00:00 · 2022-04-16 21:36:34 +07:00 · 2022-04-16 21:36:34 +07:00 · 1c0fd26496
commit 1c0fd26496
parent 4b9740cf5c
2 changed files with 11 additions and 4 deletions
--- a/controllers/tokenController.js
+++ b/controllers/tokenController.js
@ -78,7 +78,7 @@ self.list = async (req, res, next) => {

 self.change = async (req, res, next) => {
  try {
-    const user = await utils.authorize(req)
+    const user = await utils.authorize(req, 'token')

    const newToken = await self.generateUniqueToken()
    if (!newToken) {
--- a/controllers/utilsController.js
+++ b/controllers/utilsController.js
@ -188,9 +188,16 @@ self.stripIndents = string => {
  return result
 }

-self.assertUser = async token => {
+self.assertUser = async (token, fields) => {
+  const _fields = ['id', 'username', 'enabled', 'timestamp', 'permission', 'registration']
+  if (typeof fields === 'string') fields = [fields]
+  if (Array.isArray(fields)) {
+    _fields.push(...fields)
+  }
+
  const user = await db.table('users')
    .where('token', token)
+    .select(_fields)
    .first()
  if (user) {
    if (user.enabled === false || user.enabled === 0) {
@ -202,12 +209,12 @@ self.assertUser = async token => {
  }
 }

-self.authorize = async req => {
+self.authorize = async (req, fields) => {
  const token = req.headers.token
  if (token === undefined) {
    throw new ClientError('No token provided.', { statusCode: 403 })
  }
-  return self.assertUser(token)
+  return self.assertUser(token, fields)
 }

 self.generateThumbs = async (name, extname, force) => {