Create seperate database table for AccessTokens to hide jwt token and tokenId from user

2026-04-17 23:53:25 +02:00 · 2015-11-26 02:36:09 +09:00
parent 62413b3780
commit 9cb231391a
11 changed files with 97 additions and 71 deletions
--- a/lib/units/websocket/index.js
+++ b/lib/units/websocket/index.js
@@ -352,14 +352,13 @@ module.exports = function(options) {

          return dbapi.saveUserAccessToken(user.email, {
            title: title
-          , tokenId: tokenId
+          , id: tokenId
          , jwt: jwt
          })
            .then(function() {
              socket.emit('user.keys.accessToken.generated', {
                title: title
              , tokenId: tokenId
-              , jwt: jwt
              })
            })
        })