Use token authentication for API requests.

2020-09-17 22:52:20 -07:00
parent bff8806b61
commit 96bd7e5b47
34 changed files with 198 additions and 153 deletions
--- a/lib/session.js
+++ b/lib/session.js
@@ -1,8 +1,8 @@
 import { getWebsiteByUuid, getSessionByUuid, createSession } from 'lib/queries';
 import { getClientInfo } from 'lib/request';
-import { uuid, isValidId } from 'lib/crypto';
+import { uuid, isValidUuid } from 'lib/crypto';

-export async function verifySession(req) {
+export async function getSession(req) {
  const { payload } = req.body;

  if (!payload) {
@@ -11,7 +11,7 @@ export async function verifySession(req) {

  const { website: website_uuid, hostname, screen, language } = payload;

-  if (!isValidId(website_uuid)) {
+  if (!isValidUuid(website_uuid)) {
    throw new Error(`Invalid website: ${website_uuid}`);
  }