From 1927e3b295dedd606cb463e747e77442c687e770 Mon Sep 17 00:00:00 2001
From: Matthew R <matthew@staff.libraryofcode.org>
Date: Sat, 16 Nov 2019 23:57:17 -0500
Subject: [PATCH] auth tags

---
 src/api/Security.ts | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/api/Security.ts b/src/api/Security.ts
index 4be0709..368d2cb 100644
--- a/src/api/Security.ts
+++ b/src/api/Security.ts
@@ -34,6 +34,7 @@ export default class Security {
     account = await this.client.db.Account.findOne({ _id });
     let encrypted = cipher.update(JSON.stringify(account), 'utf8', 'base64');
     encrypted += cipher.final('base64');
+    await account.updateOne({ authTag: cipher.getAuthTag() });
     return `${salt}:${encrypted}`;
   }
 
@@ -44,6 +45,7 @@ export default class Security {
       const saltCheck = await this.client.db.Account.findOne({ salt });
       const encrypted = bearer.split(':')[1];
       let decrypted = decipher.update(encrypted, 'base64', 'utf8');
+      decipher.setAuthTag(saltCheck.authTag);
       decrypted += decipher.final('utf8');
       const json = JSON.parse(decrypted);
       const account = await this.client.db.Account.findOne({ username: json.username });