reduced complexity

This commit is contained in:
Wyatt Johnson
2018-01-03 14:43:35 -07:00
parent 0850b1f982
commit 72b2211daa
2 changed files with 25 additions and 14 deletions
+17 -14
View File
@@ -20,26 +20,29 @@ router.get('/', authorization.needed(), (req, res, next) => {
* @param {Function} verifier the function used to verify the token, will throw on error
* @param {Object} error the error object to send back in the event an error is found
*/
const verifyTokenOnCheck = (verifier, error) => async (req, res, next) => {
const {token, check = false} = req.body;
if (!token) {
return next(error);
}
const tokenCheck = (verifier, error) => async (req, res, next) => {
const {token = null, check = false} = req.body;
if (check) {
// This request is checking to see if the token is valid.
try {
// Verify the token.
await verifier(token);
res.status(204).end();
// Don't continue to pass it onto the next middleware, as we've only been
// asked to verify the token.
return;
} catch (err) {
// Log out the error, slurp it and send out the predefined error to the
// error handler.
console.error(err);
return next(error);
}
res.status(204).end();
// Don't continue to pass it onto the next middleware, as we've only been
// asked to verify the token.
return;
}
next();
@@ -48,7 +51,7 @@ const verifyTokenOnCheck = (verifier, error) => async (req, res, next) => {
// POST /email/confirm takes the password confirmation token available as a
// payload parameter and if it verifies, it updates the confirmed_at date on the
// local profile.
router.post('/email/verify', verifyTokenOnCheck(UsersService.verifyEmailConfirmationToken, errors.ErrEmailVerificationToken), async (req, res, next) => {
router.post('/email/verify', tokenCheck(UsersService.verifyEmailConfirmationToken, errors.ErrEmailVerificationToken), async (req, res, next) => {
const {token} = req.body;
try {
@@ -86,7 +89,7 @@ router.post('/password/reset', async (req, res, next) => {
}
});
router.put('/password/reset', verifyTokenOnCheck(UsersService.verifyPasswordResetToken, errors.ErrPasswordResetToken), async (req, res, next) => {
router.put('/password/reset', tokenCheck(UsersService.verifyPasswordResetToken, errors.ErrPasswordResetToken), async (req, res, next) => {
const {token, password} = req.body;
if (!password || password.length < 8) {
+8
View File
@@ -634,6 +634,10 @@ module.exports = class UsersService {
* @param {String} token the JSON Web Token to verify
*/
static async verifyPasswordResetToken(token) {
if (!token) {
throw new Error('cannot verify an empty token');
}
const {userId, loc, version} = await UsersService.verifyToken(token, {
subject: PASSWORD_RESET_JWT_SUBJECT
});
@@ -777,6 +781,10 @@ module.exports = class UsersService {
* @param {String} token the token to verify
*/
static async verifyEmailConfirmationToken(token) {
if (!token) {
throw new Error('cannot verify an empty token');
}
const decoded = await UsersService.verifyToken(token, {
subject: EMAIL_CONFIRM_JWT_SUBJECT
});