diff options
Diffstat (limited to 'src/internal-server/start/routes.js')
-rw-r--r-- | src/internal-server/start/routes.js | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/src/internal-server/start/routes.js b/src/internal-server/start/routes.js index 736796bb8..8aca39347 100644 --- a/src/internal-server/start/routes.js +++ b/src/internal-server/start/routes.js | |||
@@ -18,9 +18,13 @@ migrate(); | |||
18 | 18 | ||
19 | async function validateToken(clientToken, response, next) { | 19 | async function validateToken(clientToken, response, next) { |
20 | const serverToken = process.env.FERDIUM_LOCAL_TOKEN; | 20 | const serverToken = process.env.FERDIUM_LOCAL_TOKEN; |
21 | const valid = serverToken && | 21 | const valid = |
22 | serverToken && | ||
22 | clientToken && | 23 | clientToken && |
23 | timingSafeEqual(Buffer.from(clientToken, 'utf8'), Buffer.from(serverToken, 'utf8')); | 24 | timingSafeEqual( |
25 | Buffer.from(clientToken, 'utf8'), | ||
26 | Buffer.from(serverToken, 'utf8'), | ||
27 | ); | ||
24 | if (valid) { | 28 | if (valid) { |
25 | await next(); | 29 | await next(); |
26 | return true; | 30 | return true; |
@@ -41,11 +45,11 @@ const OnlyAllowFerdium = async ({ request, response }, next) => { | |||
41 | const RequireTokenInQS = async ({ request, response }, next) => { | 45 | const RequireTokenInQS = async ({ request, response }, next) => { |
42 | const clientToken = request.get().token; | 46 | const clientToken = request.get().token; |
43 | return validateToken(clientToken, response, next); | 47 | return validateToken(clientToken, response, next); |
44 | } | 48 | }; |
45 | 49 | ||
46 | const FERDIUM_LOCAL_TOKEN_COOKIE = 'ferdium-local-token'; | 50 | const FERDIUM_LOCAL_TOKEN_COOKIE = 'ferdium-local-token'; |
47 | 51 | ||
48 | const RequireAuthenticatedBrowser = async({ request, response }, next) => { | 52 | const RequireAuthenticatedBrowser = async ({ request, response }, next) => { |
49 | const clientToken = request.cookie(FERDIUM_LOCAL_TOKEN_COOKIE); | 53 | const clientToken = request.cookie(FERDIUM_LOCAL_TOKEN_COOKIE); |
50 | return validateToken(clientToken, response, next); | 54 | return validateToken(clientToken, response, next); |
51 | }; | 55 | }; |