B #5889: fix use expired tokens with externalToken (#2196)

2025-03-16 22:50:10 +03:00 · 2022-06-28 17:16:47 +02:00 · 2022-06-28 17:16:47 +02:00 · 4c0b0db27f
commit 4c0b0db27f
parent 9e3b4cd296
2 changed files with 11 additions and 17 deletions
--- a/src/fireedge/src/server/routes/api/auth/utils.js
+++ b/src/fireedge/src/server/routes/api/auth/utils.js
@ -45,10 +45,6 @@ const {

 const { ok, unauthorized, accepted, internalServerError } = httpCodes

-const appConfig = getFireedgeConfig()
-
-const namespace = appConfig.namespace || defaultNamespace
-
 const { GET } = httpMethod

 let user = ''
@ -200,6 +196,7 @@ const setRes = (newRes = {}) => {
 * Set dates.
 */
 const setDates = () => {
+  const appConfig = getFireedgeConfig()
  limitToken = remember
    ? appConfig.session_remember_expiration || defaultRememberSessionExpiration
    : appConfig.session_expiration || defaultSessionExpiration
@ -314,13 +311,7 @@ const genJWT = (token, informationUser) => {
 * @returns {object} - user token
 */
 const getCreatedTokenOpennebula = (username = '') => {
-  if (
-    global &&
-    global.users &&
-    username &&
-    global.users[username] &&
-    global.users[username].tokens
-  ) {
+  if (username && global?.users?.[username]?.tokens) {
    let acc = { token: '', time: 0 }
    global.users[username].tokens.forEach((curr = {}, index = 0) => {
      const currentTime = parseInt(curr.time, 10)
@ -550,6 +541,8 @@ const getServerAdminAndWrapUser = (userData = {}) => {
 const login = (userData) => {
  let rtn = false
  if (userData) {
+    const appConfig = getFireedgeConfig()
+    const namespace = appConfig.namespace || defaultNamespace
    const findTextError = `[${namespace}.${ActionUsers.USER_INFO}]`
    if (userData.indexOf && userData.indexOf(findTextError) >= 0) {
      updaterResponse(httpResponse(unauthorized))
--- a/src/fireedge/src/server/routes/entrypoints/Api/middlawares.js
+++ b/src/fireedge/src/server/routes/entrypoints/Api/middlawares.js
@ -14,6 +14,7 @@
 * limitations under the License.                                            *
 * ------------------------------------------------------------------------- */
 const { env } = require('process')
+const { DateTime } = require('luxon')
 const { httpCodes, defaults } = require('server/utils/constants')
 const { getFireedgeConfig } = require('server/utils/yml')
 const { defaultWebpackMode, defaultEmptyFunction, defaultOpennebulaZones } =
@ -33,16 +34,16 @@ let passOpennebula = ''
 * @returns {boolean} user valid data
 */
 const userValidation = (user = '', token = '') => {
+  const nowUnix = DateTime.local().toSeconds()
  let rtn = false
  if (
    user &&
    token &&
-    global &&
-    global.users &&
-    global.users[user] &&
-    global.users[user].tokens &&
-    Array.isArray(global.users[user].tokens) &&
-    global.users[user].tokens.some((x) => x && x.token === token)
+    Array.isArray(global?.users?.[user]?.tokens) &&
+    global?.users?.[user]?.tokens?.some?.(
+      ({ token: internalToken, time }) =>
+        time > nowUnix && internalToken === token
+    )
  ) {
    rtn = true
  }