Create seperate database table for AccessTokens to hide jwt token and tokenId from user

2026-04-20 15:55:16 +02:00 · 2015-11-26 02:36:09 +09:00
parent 62413b3780
commit 9cb231391a
11 changed files with 97 additions and 71 deletions
--- a/lib/db/tables.js
+++ b/lib/db/tables.js
@@ -8,17 +8,18 @@ module.exports = {
        indexFunction: function(user) {
          return user('adbKeys')('fingerprint')
        }
-    , accessTokens: {
-        indexFunction: function(user) {
-          return user('accessTokens')('tokenId')
-        }
-      }
      , options: {
          multi: true
        }
      }
    }
  }
+, accessTokens: {
+    primaryKey: 'id'
+  , indexes: {
+      email: null
+    }
+  }
 , vncauth: {
    primaryKey: 'password'
  , indexes: {