Infrastructure/verdaccio
0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2025-04-01 02:42:23 -05:00
Code Issues Activity

fix: improve token validation ()

Browse source 
* fix: check name of credentials

* chore: improve validation
This commit is contained in:
Juan Picado 2020-04-26 22:26:49 +02:00 committed by GitHub
parent 9602995636
commit 416d41fa08
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 4 deletions

8
src/lib/auth.ts
View file

@ -303,7 +303,7 @@ class Auth implements IAuth {
return _next();
};
if (this._isRemoteUserMissing(req.remote_user)) {
if (this._isRemoteUserValid(req.remote_user)) {
return next();
}
@ -389,7 +389,7 @@ class Auth implements IAuth {
}
}
private _isRemoteUserMissing(remote_user: RemoteUser): boolean {
private _isRemoteUserValid(remote_user: RemoteUser): boolean {
return _.isUndefined(remote_user) === false && _.isUndefined(remote_user.name) === false;
}
@ -398,7 +398,7 @@ class Auth implements IAuth {
*/
public webUIJWTmiddleware(): Function {
return (req: $RequestExtend, res: $ResponseExtend, _next: NextFunction): void => {
if (this._isRemoteUserMissing(req.remote_user)) {
if (this._isRemoteUserValid(req.remote_user)) {
return _next();
}
@ -434,7 +434,7 @@ class Auth implements IAuth {
// FIXME: intended behaviour, do we want it?
}
if (credentials) {
if (this._isRemoteUserValid(credentials)) {
const { name, groups } = credentials;
// $FlowFixMe
req.remote_user = createRemoteUser(name, groups);