From a6a7746532c77afe8ec83382b533015b11975547 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=BAlia=20Yoshida?= Date: Tue, 21 Nov 2023 22:47:37 -0300 Subject: [PATCH] [FIX]: token validation --- backend/controllers/UserControllers.js | 1 + backend/controllers/middlewares/Auth.js | 4 ---- backend/index.js | 2 -- backend/views/routes/Users.js | 9 +++++---- 4 files changed, 6 insertions(+), 10 deletions(-) diff --git a/backend/controllers/UserControllers.js b/backend/controllers/UserControllers.js index 5d9af214..c866efbe 100644 --- a/backend/controllers/UserControllers.js +++ b/backend/controllers/UserControllers.js @@ -33,6 +33,7 @@ exports.userLogin = async(req, res) => { res.cookie('access-token', accessToken, { maxAge: 2592000000, httpOnly: true, + secure: true, }); Users.update( { token: accessToken }, diff --git a/backend/controllers/middlewares/Auth.js b/backend/controllers/middlewares/Auth.js index 0fd2cb8d..3b3a3b9e 100644 --- a/backend/controllers/middlewares/Auth.js +++ b/backend/controllers/middlewares/Auth.js @@ -8,10 +8,6 @@ const createToken = (user) => { }; const validateToken = (req, res, next) => { - - if (req.path === '/auth/register' && req.method === 'POST') { - return next(); - } const accessToken = req.cookies && req.cookies['access-token']; if (!accessToken) { diff --git a/backend/index.js b/backend/index.js index 276eace6..ed357abb 100644 --- a/backend/index.js +++ b/backend/index.js @@ -1,4 +1,3 @@ -const { validateToken } = require('./controllers/middlewares/Auth'); const express = require('express'); const database = require('./models/schemas'); const userRoute = require('./views/routes/Users'); @@ -9,7 +8,6 @@ require("dotenv").config(); const app = express(); const port = 3001; app.use(express.json()); -app.use(validateToken); app.use('/auth', userRoute); app.use('/elective', electiveRoute); diff --git a/backend/views/routes/Users.js b/backend/views/routes/Users.js index a57d9e6c..ccbe2d81 100644 --- a/backend/views/routes/Users.js 
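Review bot: The `access-token` cookie set in `userLogin` still has no `sameSite` attribute, so although `httpOnly` and the new `secure: true` keep it away from scripts and plaintext transport, it is still attached to cross-site requests according to each browser's default. As far as the Auth.js hunk shows, `validateToken` authenticates from this cookie alone, so I would add `sameSite: 'lax',` (or `'strict'` if no cross-site navigation needs the session) next to `secure: true`. With `secure: true`, browsers will not return the cookie over plain HTTP, so a non-TLS deployment or test setup would appear logged out for the whole 30-day `maxAge`; please confirm that every environment serves this API over HTTPS. `userLogin` starts and ends outside the hunk.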
+++ b/backend/views/routes/Users.js @@ -1,15 +1,16 @@ const express = require('express'); const router = express.Router(); const cookieParser = require('cookie-parser'); -const userController = require('../../controllers/UserControllers'); +const userController = require('../../controllers/UserControllers'); const { validateToken } = require('../../controllers/middlewares/Auth'); router.use(cookieParser()); -router.post('/register', userController.userRegister); -router.post('/login', userController.userLogin); router.get('/profile', validateToken, (req, res) => { res.json('profile'); }); -module.exports = router; +router.post('/register', userController.userRegister); +router.post('/login', userController.userLogin); + +module.exports = router;
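Review bot: Only `GET /profile` runs `validateToken` after this patch: the global `app.use(validateToken)` is removed from backend/index.js and nothing in this commit adds the guard to the router mounted at `/elective`, so those routes are reachable without a token unless their own file (not shown) already checks it. If they should require a logged-in user, add `router.use(validateToken);` in that router, or the per-route form used here. `cookieParser()` is mounted only on this router and `validateToken` reads `req.cookies`, so a guard placed in another router would find no cookies and, as far as the visible code shows, take the missing-token branch; mounting `app.use(cookieParser());` once in index.js avoids that. The `/profile` handler returns the constant `'profile'`, so a short comment marking it as a placeholder would help the next reader.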