From 75c50204c2e98486e70864647d79ad3ddfe742da Mon Sep 17 00:00:00 2001 From: SrGooglo Date: Sun, 9 Apr 2023 19:34:08 +0000 Subject: [PATCH] fix status codes --- .../src/middlewares/withAuthentication/index.js | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/packages/server/src/middlewares/withAuthentication/index.js b/packages/server/src/middlewares/withAuthentication/index.js index 0092d5c3..4cabb6a2 100755 --- a/packages/server/src/middlewares/withAuthentication/index.js +++ b/packages/server/src/middlewares/withAuthentication/index.js @@ -7,7 +7,7 @@ import jwt from "jsonwebtoken" export default async (req, res, next) => { function reject(description) { - return res.status(403).json({ error: `${description ?? "Invalid session"}` }) + return res.status(401).json({ error: `${description ?? "Invalid session"}` }) } try { @@ -47,7 +47,7 @@ export default async (req, res, next) => { const userData = await User.findOne({ _id: currentSession.user_id }).select("+refreshToken") if (!userData) { - return res.status(404).json({ error: "No user data found" }) + return reject("Cannot find user") } // if cannot verify token, start regeneration process @@ -99,28 +99,28 @@ export default async (req, res, next) => { if (client_id === "undefined" || token === "undefined") { return reject("Invalid server token") } - + const secureEntries = new SecureEntry(authorizedServerTokens) - + const serverTokenEntry = await secureEntries.get(client_id, undefined, { keyName: "client_id", valueName: "token", }) - + if (!serverTokenEntry) { return reject("Invalid server token") } - + if (serverTokenEntry !== token) { return reject("Missmatching server token") } - + req.user = { __server: true, _id: client_id, roles: ["server"], } - + return next() } default: {