From deb80e6f6fda6c8bcfaec62e96f59591c11ca477 Mon Sep 17 00:00:00 2001 From: Manuel Kasper Date: Thu, 28 Dec 2023 21:18:33 +0100 Subject: [PATCH] Fix again --- photos_router.js | 16 ++++++++-------- users.js | 12 ++++++------ 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/photos_router.js b/photos_router.js index de9b65c..5d7e527 100644 --- a/photos_router.js +++ b/photos_router.js @@ -27,7 +27,7 @@ router.post('/summits/:association/:code/upload', jwtCallback, upload.array('pho noCache: true } - if (!req.user.callsign) { + if (!req.auth.callsign) { res.status(401).send('Missing callsign in SSO token').end() return } @@ -42,7 +42,7 @@ router.post('/summits/:association/:code/upload', jwtCallback, upload.array('pho if (req.files) { let dbPhotos = [] for (let file of req.files) { - let photo = await photos.importPhoto(file.path, req.user.callsign) + let photo = await photos.importPhoto(file.path, req.auth.callsign) dbPhotos.push(photo) } @@ -70,7 +70,7 @@ router.delete('/summits/:association/:code/:filename', jwtCallback, async (req, noCache: true } - if (!req.user.callsign) { + if (!req.auth.callsign) { res.status(401).send('Missing callsign in SSO token').end() return } @@ -84,7 +84,7 @@ router.delete('/summits/:association/:code/:filename', jwtCallback, async (req, } // Check that uploader is currently logged in user - if (photo.author !== req.user.callsign) { + if (photo.author !== req.auth.callsign) { res.status(401).send('Cannot delete another user\'s photos').end() return } @@ -99,7 +99,7 @@ router.post('/summits/:association/:code/reorder', jwtCallback, async (req, res) noCache: true } - if (!req.user.callsign) { + if (!req.auth.callsign) { res.status(401).send('Missing callsign in SSO token').end() return } @@ -109,7 +109,7 @@ router.post('/summits/:association/:code/reorder', jwtCallback, async (req, res) // Assign new sortOrder index to photos of this user, in the order given by req.body.filenames let updates = req.body.filenames.map((filename, index) => { return db.getDb().collection('summits').updateOne( - { code: summitCode, 'photos.author': req.user.callsign, 'photos.filename': filename }, + { code: summitCode, 'photos.author': req.auth.callsign, 'photos.filename': filename }, { $set: { 'photos.$.sortOrder': index + 1 } } ) }) @@ -124,7 +124,7 @@ router.post('/summits/:association/:code/:filename', jwtCallback, async (req, re noCache: true } - if (!req.user.callsign) { + if (!req.auth.callsign) { res.status(401).send('Missing callsign in SSO token').end() return } @@ -138,7 +138,7 @@ router.post('/summits/:association/:code/:filename', jwtCallback, async (req, re } // Check that editor is the currently logged in user - if (photo.author !== req.user.callsign) { + if (photo.author !== req.auth.callsign) { res.status(401).send('Cannot delete another user\'s photos').end() return } diff --git a/users.js b/users.js index e5d5bb8..e5cd4a6 100644 --- a/users.js +++ b/users.js @@ -22,7 +22,7 @@ let jwtCallback = jwt({ const DB_COLLECTION_USERS = "users"; router.get("/me", jwtCallback, (req, res) => { - const reqUserId = req.user.userid; + const reqUserId = req.auth.userid; if (!reqUserId) { return res.status(401).send("Missing userid in SSO token").end(); } @@ -53,7 +53,7 @@ router.post("/me/settings", jwtCallback, (req, res) => { - const reqUserId = req.user.userid; + const reqUserId = req.auth.userid; if (!reqUserId) { return res.status(401).send("Missing userid in SSO token").end(); } @@ -70,7 +70,7 @@ router.post("/me/settings", }); router.get("/me/tags", jwtCallback, (req, res) => { - const reqUserId = req.user.userid; + const reqUserId = req.auth.userid; if (!reqUserId) { return res.status(401).send("Missing userid in SSO token").end(); } @@ -95,7 +95,7 @@ router.get("/me/tags", jwtCallback, (req, res) => { }); router.get("/me/summits/tags", jwtCallback, (req, res) => { - const reqUserId = req.user.userid; + const reqUserId = req.auth.userid; if (!reqUserId) { return res.status(401).send("Missing userid in SSO token").end(); } @@ -130,7 +130,7 @@ router.get("/me/summits/tags", jwtCallback, (req, res) => { }); router.get("/me/summit/:association/:code", jwtCallback, (req, res) => { - const reqUserId = req.user.userid; + const reqUserId = req.auth.userid; if (!reqUserId) { return res.status(401).send("Missing userid in SSO token").end(); } @@ -175,7 +175,7 @@ router.post("/me/summit/:association/:code", body("tags.*").isString(), (req, res) => { - const reqUserId = req.user.userid; + const reqUserId = req.auth.userid; if (!reqUserId) { return res.status(401).send("Missing userid in SSO token").end(); }