fix audience token error and update deps

uclaacm · Nov 9, 2024 · a7e8ea0 · a7e8ea0
1 parent 31c7fe8
commit a7e8ea0
Show file tree

Hide file tree

Showing 4 changed files with 4,239 additions and 4,258 deletions.
diff --git a/app/api/v1/auth/index.js b/app/api/v1/auth/index.js
@@ -71,7 +71,7 @@ router.post("/login", (req, res, next) => {
         registered: !user.isPending(),
       },
       config.session.secret,
-      { expiresIn: TOKEN_EXPIRES },
+      { expiresIn: TOKEN_EXPIRES, audience: config.session.requiredAudience },
       (err, token) => {
         if (err) return next(err);
 
@@ -87,11 +87,7 @@ router.post("/login", (req, res, next) => {
     );
   };
 
-  client
-    .verifyIdToken({
-      idToken: req.body.tokenId,
-      audience: config.google.clientId,
-    })
+  client.verifyIdToken({ idToken: req.body.tokenId, requiredAudience: config.session.requiredAudience })
     .then((ticket) => {
       const { email } = ticket.getPayload();
 

diff --git a/app/config/index.js b/app/config/index.js
@@ -37,6 +37,7 @@ module.exports = {
   // session secret for signing token (warning: assumes the file exists)
   session: {
     secret: fs.readFileSync('app/config/SESSION_SECRET').toString().trim(),
+    requiredAudience: process.env.GOOGLE_CLIENT_ID,
   },
 
   // logging level

diff --git a/package.json b/package.json
@@ -27,36 +27,36 @@
   "homepage": "https://github.com/uclaacm/membership-portal#readme",
   "dependencies": {
     "bcryptjs": "^2.4.3",
-    "body-parser": "^1.15.2",
-    "continuation-local-storage": "^3.2.0",
-    "express": "^4.14.0",
-    "express-rate-limit": "^6.2.1",
-    "google-auth-library": "^9.2.0",
-    "handlebars": "^4.0.10",
-    "jsonwebtoken": "^7.3.0",
-    "morgan": "^1.7.0",
-    "node-gyp": "^4.0.0",
-    "node-pre-gyp": "^0.13.0",
-    "pg": "^8.0.3",
-    "sequelize": "^4.44.0",
-    "underscore": "^1.8.3",
+    "body-parser": "^1.20.3",
+    "continuation-local-storage": "^3.2.1",
+    "express": "^4.21.1",
+    "express-rate-limit": "^7.4.1",
+    "google-auth-library": "^9.14.2",
+    "handlebars": "^4.7.8",
+    "jsonwebtoken": "^9.0.2",
+    "morgan": "^1.10.0",
+    "node-gyp": "^10.2.0",
+    "node-pre-gyp": "^0.17.0",
+    "pg": "^8.13.1",
+    "sequelize": "^6.37.5",
+    "underscore": "^1.13.7",
     "util": "^0.12.5",
     "uuid": "https://registry.npmjs.org/uuid/-/uuid-3.1.0.tgz",
-    "winston": "^2.3.1"
+    "winston": "^3.16.0"
   },
   "false": {},
   "devDependencies": {
     "babel-core": "^6.26.3",
-    "babel-jest": "^23.6.0",
+    "babel-jest": "^29.7.0",
     "babel-preset-env": "^1.7.0",
-    "eslint": "^5.7.0",
-    "eslint-config-airbnb": "^17.1.0",
-    "eslint-plugin-import": "^2.14.0",
-    "eslint-plugin-jest": "^21.25.1",
-    "husky": "^1.3.1",
-    "jest": "^23.6.0",
-    "lint-staged": "^7.3.0",
+    "eslint": "^9.14.0",
+    "eslint-config-airbnb": "^19.0.4",
+    "eslint-plugin-import": "^2.31.0",
+    "eslint-plugin-jest": "^28.9.0",
+    "husky": "^9.1.6",
+    "jest": "^29.7.0",
+    "lint-staged": "^15.2.10",
     "nodemon": "^3.1.7",
-    "supertest": "^6.2.4"
+    "supertest": "^7.0.0"
   }
 }