Skip to content

Commit

Permalink
do not reuse access token on login
Browse files Browse the repository at this point in the history
  • Loading branch information
@gwilymhumphreys
gwilymhumphreys committed Oct 26, 2023
1 parent d701690 commit 911da5e
Showing 1 changed file with 5 additions and 5 deletions.
10 changes: 5 additions & 5 deletions packages/fl-auth-server/src/strategies/Local.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ import { findOrCreateAccessToken } from '../lib'


export default class LocalStrategy extends Strategy {
constructor(options={}, verify) {
constructor(options = {}, verify) {
super()
_.merge(this, options)
if (!this.User) throw new Error('[fl-auth] LocalStrategy: Missing User from options')
Expand All @@ -21,17 +21,17 @@ export default class LocalStrategy extends Strategy {
if (!user) return this.fail(info)

try {
const { token, refreshToken, info } = await findOrCreateAccessToken({user_id: user.id})
const { token, refreshToken, info } = await findOrCreateAccessToken({ user_id: user.id })

if (!req.session) {
const msg = '[fl-auth] LocalStrategy: Missing session from req. Is redis running?'
console.log(msg)
return this.error(new Error(msg))
}

req.session.accessToken = {token, expiresDate: info.expiresDate}
req.session.save(err => {if (err) console.log('[fl-auth] Error saving session', err)})
this.success(_.omit(user.toJSON(), 'password'), {accessToken: token})
req.session.accessToken = { token, expiresDate: info.expiresDate }
req.session.save(err => { if (err) console.log('[fl-auth] Error saving session', err) })
this.success(_.omit(user.toJSON(), 'password'), { accessToken: token })
}
catch (err) {
return this.error(err)
Expand Down

0 comments on commit 911da5e

Please sign in to comment.