Fixes bug where lastUsedAt timestamp wasn't set when access token used

2019-05-15 14:07:46 +02:00 · 2019-05-15 14:07:46 +02:00 · 9f627c1c37
commit 9f627c1c37
parent 27ea1c1e1b
2 changed files with 4 additions and 6 deletions
--- a/server/config/passport.js
+++ b/server/config/passport.js
@ -46,12 +46,10 @@ passport.use(new BasicStrategy((userid, key, done) => {
  User.findOne({ username: userid }, (err, user) => { // eslint-disable-line consistent-return
    if (err) { return done(err); }
    if (!user) { return done(null, false); }
-    user.findMatchingKey(key, (innerErr, isMatch, keyID) => {
+    user.findMatchingKey(key, (innerErr, isMatch, keyDocument) => {
      if (isMatch) {
-        User.update(
-          { 'apiKeys._id': keyID },
-          { '$set': { 'apiKeys.$.lastUsedAt': Date.now() } }
-        );
+        keyDocument.lastUsedAt = Date.now();
+        user.save();
        return done(null, user);
      }
      return done(null, false, { msg: 'Invalid username or API key' });
--- a/server/models/user.js
+++ b/server/models/user.js
@ -133,7 +133,7 @@ userSchema.methods.findMatchingKey = function findMatchingKey(candidateKey, cb)
  this.apiKeys.forEach((k) => {
    if (bcrypt.compareSync(candidateKey, k.hashedKey)) {
      foundOne = true;
-      cb(null, true, k._id);
+      cb(null, true, k);
    }
  });
  if (!foundOne) cb('Matching API key not found !', false, null);