Skip to content

Commit

Permalink
fix: validates verify result
Browse files Browse the repository at this point in the history
  • Loading branch information
@Ajeyakrishna-k
Ajeyakrishna-k committed Dec 20, 2023
1 parent 19a9f80 commit b2a6d7e
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 5 deletions.
6 changes: 2 additions & 4 deletions src/controllers/getMembersInServer.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@ import { env } from "../typeDefinitions/default.types";
import JSONResponse from "../utils/JsonResponse";
import { User } from "../typeDefinitions/user.types";
import { getMembersInServer } from "../utils/getMembersInServer";
import { verifyAuthToken } from "../utils/verifyAuthToken";

export const getMembersInServerHandler = async (
request: IRequest,
Expand All @@ -16,10 +17,7 @@ export const getMembersInServerHandler = async (
return new JSONResponse(response.BAD_SIGNATURE);
}
try {
const authToken = authHeader.split(" ")[1];
await jwt.verify(authToken, env.RDS_SERVERLESS_PUBLIC_KEY, {
algorithm: "RS256",
});
await verifyAuthToken(authHeader, env);

const users = (await getMembersInServer(env)) as User[];

Expand Down
5 changes: 4 additions & 1 deletion src/utils/verifyAuthToken.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,10 @@ import jwt from "@tsndr/cloudflare-worker-jwt";

export async function verifyAuthToken(authHeader: string, env: env) {
const authToken = authHeader.split(" ")[1];
await jwt.verify(authToken, env.RDS_SERVERLESS_PUBLIC_KEY, {
const isValid = await jwt.verify(authToken, env.RDS_SERVERLESS_PUBLIC_KEY, {
algorithm: "RS256",
});
if (!isValid) {
throw new Error("Invalid Authentication token");
}
}

0 comments on commit b2a6d7e

Please sign in to comment.