engineering
/
cloudservices
3
0
Fork 1
Code Issues 5 Pull Requests Packages Projects Releases Wiki Activity

invalidate authentication for locked accounts

merge-requests/4/head
Matthew 2020-06-29 18:22:44 -04:00
parent 9a77963823
commit 9c6e900802
No known key found for this signature in database
GPG Key ID: 210AF32ADE3B5C4B
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/class/Security.ts
View File

@ -40,6 +40,7 @@ export default class Security {
const res: any = jwt.verify(bearer, this.keys.key, { issuer: 'Library of Code sp-us | CSD' }); const res: any = jwt.verify(bearer, this.keys.key, { issuer: 'Library of Code sp-us | CSD' });
const account = await this.client.db.Account.findOne({ _id: res.id }); const account = await this.client.db.Account.findOne({ _id: res.id });
if (!account) return null; if (!account) return null;
if (account.locked) return null;
if (account.revokedBearers?.includes(bearer)) return null; if (account.revokedBearers?.includes(bearer)) return null;
return account; return account;
} catch { } catch {