fix a few bugs

- time stamp exp fix - not bypass by default locally when dev - add dist
Money-Manager-SaaS · Jul 19, 2020 · 712b7c8 · 712b7c8
1 parent 26adca7
commit 712b7c8
Show file tree

Hide file tree

Showing 5 changed files with 15 additions and 13 deletions.
diff --git a/.gitignore b/.gitignore
@@ -9,4 +9,5 @@ temp/
 /database.sqlite
 /database.sqlite.backup*
 /test.sqlite.backup*
+dist/
 
diff --git a/package.json b/package.json
@@ -4,7 +4,7 @@
   "description": "Money Manager Cloud back-end, to handle CRUD and Authentication and keep the compatibility to the Money Manager EX",
   "main": "src/server.ts",
   "scripts": {
-    "dev": "cross-env BYPATH_ACCESS_TOKEN=true tsc-watch --onSuccess \"ts-node src/server.ts\"",
+    "dev": "tsc-watch --onSuccess \"ts-node src/server.ts\"",
     "start:dev": "ts-node src/index.ts",
     "start": "node dist/server.js",
     "start:pm2": "pm2 start dist/server.js -i 4",

diff --git a/src/middleware/jwtAuthMiddleWare.ts b/src/middleware/jwtAuthMiddleWare.ts
@@ -24,19 +24,20 @@ export const authenticateJWT = async (req, res, next) => {
       try {
         const payload = await verifyAccessToken(token);
         if (payload.exp <= new Date().getTime()) {
-          res.sendStatus(401);
+          res.send(401).end();
+        } else {
+          const user:User = await User.getRepo().findOne(payload.userID);
+          delete user.password;
+          req.user = user;
+          req.userID = payload.userID;
+          req.email = payload.email;
+          next();
         }
-        const user:User = await User.getRepo().findOne(payload.userID);
-        delete user.password;
-        req.user = user;
-        req.userID = payload.userID;
-        req.email = payload.email;
-        next();
       } catch (e) {
-        res.sendStatus(401);
+        res.send(401).end();
       }
     } else {
-      res.sendStatus(401);
+      res.send(401).end();
     }
   }
 };
diff --git a/src/services/auth/provider.ts b/src/services/auth/provider.ts
@@ -83,7 +83,7 @@ const signJWT = (userID: number, email?:string, tokenType = TokenType.Access, mi
       userID: userID,
       email: email,
       iat: currentTimeStamp,
-      exp: currentTimeStamp + 60 * minutes,
+      exp: currentTimeStamp + 1000 * 60 * minutes,
     },
     secret,
     {

diff --git a/src/services/auth/service.ts b/src/services/auth/service.ts
@@ -58,10 +58,10 @@ export const refreshToken = async (req: Request, res: Response) => {
         res.status(200).json(body);
       }
     } catch (e) {
-      res.sendStatus(401);
+      res.send(401).end();
     }
   } else {
-    res.sendStatus(401);
+    res.send(401).end();
   }
 };