Fixes bug where lastUsedAt timestamp wasn't set when access token used

This commit is contained in:
Andrew Nicolaou 2019-05-15 14:07:46 +02:00 committed by Cassie Tarakajian
parent 27ea1c1e1b
commit 9f627c1c37
2 changed files with 4 additions and 6 deletions

View file

@ -46,12 +46,10 @@ passport.use(new BasicStrategy((userid, key, done) => {
User.findOne({ username: userid }, (err, user) => { // eslint-disable-line consistent-return
if (err) { return done(err); }
if (!user) { return done(null, false); }
user.findMatchingKey(key, (innerErr, isMatch, keyID) => {
user.findMatchingKey(key, (innerErr, isMatch, keyDocument) => {
if (isMatch) {
User.update(
{ 'apiKeys._id': keyID },
{ '$set': { 'apiKeys.$.lastUsedAt': Date.now() } }
);
keyDocument.lastUsedAt = Date.now();
user.save();
return done(null, user);
}
return done(null, false, { msg: 'Invalid username or API key' });

View file

@ -133,7 +133,7 @@ userSchema.methods.findMatchingKey = function findMatchingKey(candidateKey, cb)
this.apiKeys.forEach((k) => {
if (bcrypt.compareSync(candidateKey, k.hashedKey)) {
foundOne = true;
cb(null, true, k._id);
cb(null, true, k);
}
});
if (!foundOne) cb('Matching API key not found !', false, null);