github/umami
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Fixed change password issue. API refactoring. Closes #1592.

Browse Source
This commit is contained in:
Mike Cao
2022-10-25 10:45:56 -07:00
parent 994cf950c8
commit ac070d3ce9
24 changed files with 74 additions and 111 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
lib/auth.js
View File

@@ -1,6 +1,6 @@
import { parseSecureToken, parseToken } from 'next-basics';
import { getWebsite } from 'queries';
import { SHARE_TOKEN_HEADER } from 'lib/constants';
import { getAccount, getWebsite } from 'queries';
import { SHARE_TOKEN_HEADER, TYPE_ACCOUNT, TYPE_WEBSITE } from 'lib/constants';
import { secret } from 'lib/crypto';
export function getAuthToken(req) {
@@ -35,7 +35,7 @@ export function isValidToken(token, validation) {
return false;
}
export async function allowQuery(req) {
export async function allowQuery(req, type) {
const { id } = req.query;
const { userId, isAdmin, shareToken } = req.auth ?? {};
@@ -49,9 +49,15 @@ export async function allowQuery(req) {
}
if (userId) {
const website = await getWebsite({ id });
if (type === TYPE_WEBSITE) {
const website = await getWebsite({ websiteUuid: id });
return website && website.userId === userId;
return website && website.userId === userId;
} else if (type === TYPE_ACCOUNT) {
const account = await getAccount({ accountUuid: id });
return account && account.id === id;
}
}
return false;