0
Fork 0
mirror of https://github.com/verdaccio/verdaccio.git synced 2024-12-23 22:27:34 -05:00

refactor: token expire error also should returns anonymous user (#1011)

This commit is contained in:
Juan Picado @jotadeveloper 2018-09-22 19:36:05 +02:00 committed by GitHub
parent cf31982127
commit 4cfe996679
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23

View file

@ -198,6 +198,8 @@ export function parseAESCredentials(
} }
} }
export const expireReasons: Array<string> = ['JsonWebTokenError', 'TokenExpiredError'];
export function verifyJWTPayload(token: string, secret: string): RemoteUser { export function verifyJWTPayload(token: string, secret: string): RemoteUser {
try { try {
const payload: RemoteUser = (verifyPayload(token, secret): RemoteUser); const payload: RemoteUser = (verifyPayload(token, secret): RemoteUser);
@ -205,7 +207,7 @@ export function verifyJWTPayload(token: string, secret: string): RemoteUser {
return payload; return payload;
} catch (error) { } catch (error) {
// #168 this check should be removed as soon AES encrypt is removed. // #168 this check should be removed as soon AES encrypt is removed.
if (error.name === 'JsonWebTokenError') { if (expireReasons.includes(error.name)) {
// it might be possible the jwt configuration is enabled and // it might be possible the jwt configuration is enabled and
// old tokens fails still remains in usage, thus // old tokens fails still remains in usage, thus
// we return an anonymous user to force log in. // we return an anonymous user to force log in.