asymptotically
/
nodejs-pool
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Update to return a 401 on invalid.

Browse Source
master
Alexander Blair 7 years ago
parent d0e15f7e1f
commit b3e2c58bcb
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File

2
lib/api.js
Unescape View File

@ -438,7 +438,7 @@ app.post('/authenticate', function (req, res) {
let hmac = crypto.createHmac('sha256', global.config.api.secKey).update(req.body.password).digest('hex');
global.mysql.query("SELECT * FROM users WHERE username = ? AND ((pass IS null AND email = ?) OR (pass = ?))", [req.body.username, req.body.password, hmac]).then(function (rows) {
if (rows.length === 0) {
return res.json({'success': false, msg: 'Invalid username/password'});
return res.status(401).send({'success': false, msg: 'Invalid username/password'});
}
let token = jwt.sign({id: rows[0].id, admin: rows[0].admin}, global.config.api.secKey, {expiresIn: '1d'});
return res.json({'success': true, 'msg': token});

Write Preview
Loading…
Cancel
Save