From faeafbd68df15f364df65a9ecf4e8cb8e858e688 Mon Sep 17 00:00:00 2001 From: Alice Gaudon Date: Sat, 25 Apr 2020 09:35:49 +0200 Subject: [PATCH] Pass session to auth methods --- src/auth/AuthGuard.ts | 9 +++++---- src/auth/AuthProof.ts | 2 +- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/src/auth/AuthGuard.ts b/src/auth/AuthGuard.ts index da91bfe..15e5a46 100644 --- a/src/auth/AuthGuard.ts +++ b/src/auth/AuthGuard.ts @@ -2,9 +2,10 @@ import AuthProof from "./AuthProof"; import MysqlConnectionManager from "../db/MysqlConnectionManager"; import User from "./models/User"; import UserEmail from "./models/UserEmail"; +import {Connection} from "mysql"; export default abstract class AuthGuard

{ - public abstract async getProofForSession(sessionID: string): Promise

; + public abstract async getProofForSession(session: Express.Session): Promise

; public async getUserForSession(session: Express.Session): Promise { if (!await this.isAuthenticated(session)) return null; @@ -52,9 +53,9 @@ export default abstract class AuthGuard

{ } public async logout(session: Express.Session): Promise { - const proof = await this.getProofForSession(session.id); + const proof = await this.getProofForSession(session); if (proof) { - await proof.revoke(); + await proof.revoke(session); } session.auth_id = undefined; } @@ -62,7 +63,7 @@ export default abstract class AuthGuard

{ private async checkCurrentSessionProofValidity(session: Express.Session): Promise { if (typeof session.auth_id !== 'number') return false; - const proof = await this.getProofForSession(session.id); + const proof = await this.getProofForSession(session); if (!proof || !await proof.isValid() || !await proof.isAuthorized() || !await proof.isOwnedBy(session.auth_id)) { await this.logout(session); diff --git a/src/auth/AuthProof.ts b/src/auth/AuthProof.ts index a4a3220..a7a4e65 100644 --- a/src/auth/AuthProof.ts +++ b/src/auth/AuthProof.ts @@ -11,5 +11,5 @@ export default interface AuthProof { getEmail(): Promise; - revoke(): Promise; + revoke(session: Express.Session): Promise; } \ No newline at end of file