Mirror/filesafe
1
0
Fork 0
mirror of https://github.com/BobbyWibowo/lolisafe.git synced 2024-12-13 16:06:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
0403684038
filesafe/controllers/tokenController.js
Bobby Wibowo fcf4c00de7
Moved permission-related functions to permissionController 
Fix: non-root staffs are now able to delete files by any users (previously they could only list them).
2018-10-13 18:06:58 +07:00

59 lines
1.3 KiB
JavaScript
Raw Blame History

const config = require('./../config')
const db = require('knex')(config.database)
const perms = require('./permissionController')
const randomstring = require('randomstring')
const utils = require('./utilsController')
const tokenController = {}
tokenController.verify = async (req, res, next) => {
const token = req.body.token
if (token === undefined) {
return res.status(401).json({
success: false,
description: 'No token provided.'
})
}
const user = await db.table('users').where('token', token).first()
if (!user) {
return res.status(401).json({
success: false,
description: 'Invalid token.'
})
}
return res.json({
success: true,
username: user.username,
permissions: perms.mapPermissions(user)
})
}
tokenController.list = async (req, res, next) => {
const user = await utils.authorize(req, res)
if (!user) { return }
return res.json({
success: true,
token: user.token
})
}
tokenController.change = async (req, res, next) => {
const user = await utils.authorize(req, res)
if (!user) { return }
const newtoken = randomstring.generate(64)
await db.table('users').where('token', user.token).update({
token: newtoken,
timestamp: Math.floor(Date.now() / 1000)
})
res.json({
success: true,
token: newtoken
})
}
module.exports = tokenController
Reference in New Issue View Git Blame Copy Permalink