watson/umami
1
0
Fork 0
mirror of https://github.com/umami-software/umami.git synced 2026-02-04 12:47:13 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Fixed change password issue. API refactoring. Closes #1592.

Browse source
This commit is contained in:
Mike Cao 2022-10-25 10:45:56 -07:00
parent 994cf950c8
commit ac070d3ce9
24 changed files with 74 additions and 111 deletions
Download patch file Download diff file Expand all files Collapse all files

16
lib/auth.js
View file

@ -1,6 +1,6 @@
import { parseSecureToken, parseToken } from 'next-basics';
import { getWebsite } from 'queries';
import { SHARE_TOKEN_HEADER } from 'lib/constants';
import { getAccount, getWebsite } from 'queries';
import { SHARE_TOKEN_HEADER, TYPE_ACCOUNT, TYPE_WEBSITE } from 'lib/constants';
import { secret } from 'lib/crypto';
export function getAuthToken(req) {
@ -35,7 +35,7 @@ export function isValidToken(token, validation) {
return false;
}
export async function allowQuery(req) {
export async function allowQuery(req, type) {
const { id } = req.query;
const { userId, isAdmin, shareToken } = req.auth ?? {};
@ -49,9 +49,15 @@ export async function allowQuery(req) {
}
if (userId) {
const website = await getWebsite({ id });
if (type === TYPE_WEBSITE) {
const website = await getWebsite({ websiteUuid: id });
return website && website.userId === userId;
return website && website.userId === userId;
} else if (type === TYPE_ACCOUNT) {
const account = await getAccount({ accountUuid: id });
return account && account.id === id;
}
}
return false;