-
Notifications
You must be signed in to change notification settings - Fork 69
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Auth fix #54
Auth fix #54
Conversation
…docs into authentication
…en, deleted links when not authorized
…ed hidden csrf field in auth form
… comments and JSDoc
… to bcrypt.compare, added httpyOnly property to jwt cookie
…o authentication
…xistance on POST/auth
src/app.js
Outdated
@@ -17,7 +17,7 @@ app.set('views', path.join(__dirname, 'views')); | |||
app.set('view engine', 'twig'); | |||
require('./utils/twig'); | |||
|
|||
app.use(logger('dev')); | |||
app.use(logger('dev ')); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Почему он все время ставит тут пробел?)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Не знаю
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
У меня даже не индексировался этот файл в git status
src/routes/auth.js
Outdated
@@ -28,6 +28,10 @@ router.get('/auth', csrfProtection, function (req, res) { | |||
router.post('/auth', parseForm, csrfProtection, async (req, res) => { | |||
let userDoc = await Users.get(); | |||
|
|||
if (!userDoc) { | |||
throw new Error('Password not set'); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
А что будет у пользователя в этот момент?
Лучше возвращать какое-нибудь сообщение
#51