From 6fba087b2dc4f266f2dcc40783c40c6b91f6a9af Mon Sep 17 00:00:00 2001
From: Matthew R <matthew@staff.libraryofcode.org>
Date: Sat, 16 Nov 2019 23:40:32 -0500
Subject: [PATCH] fix cipher issues

---
 src/api/Security.ts | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/src/api/Security.ts b/src/api/Security.ts
index 8a157a1..4be0709 100644
--- a/src/api/Security.ts
+++ b/src/api/Security.ts
@@ -26,13 +26,14 @@ export default class Security {
    * @param _id The Mongoose Document property labeled ._id
    */
   public async createBearer(_id: string): Promise<string> {
-    const account = await this.client.db.Account.findOne({ _id });
+    let account = await this.client.db.Account.findOne({ _id });
     if (!account) throw new Error(`Account [${_id}] cannot be found.`);
     const salt = crypto.randomBytes(50).toString('base64');
     const cipher = crypto.createCipheriv('aes-256-gcm', this.keys.key, this.keys.iv);
+    await account.updateOne({ salt });
+    account = await this.client.db.Account.findOne({ _id });
     let encrypted = cipher.update(JSON.stringify(account), 'utf8', 'base64');
     encrypted += cipher.final('base64');
-    await account.updateOne({ salt });
     return `${salt}:${encrypted}`;
   }
 
@@ -47,6 +48,8 @@ export default class Security {
       const json = JSON.parse(decrypted);
       const account = await this.client.db.Account.findOne({ username: json.username });
       if (account._id !== saltCheck._id) return null;
+      this.client.signale.debug(account);
+      this.client.signale.debug(saltCheck);
       return account;
     } catch (error) {
       this.client.signale.debug(error);