now the board name is in the roles string

2024-11-10 06:24:17 +00:00 · 2022-09-04 19:29:36 +02:00 · 2022-09-04 19:29:36 +02:00 · 6c55e578c4
commit 6c55e578c4
parent dba4fbf003
2 changed files with 33 additions and 27 deletions
--- a/server/jwtBoardnameAuth.js
+++ b/server/jwtBoardnameAuth.js
@ -39,7 +39,7 @@ function checkBoardName(url, boardNameIn) {
    if (config.AUTH_SECRET_KEY != "") {
        var token = url.searchParams.get("token");
        if (token) {
-                roomIsCorrect = getBoardnamefromToken(token, boardNameIn);
+            roomIsCorrect = getBoardnamefromToken(token, boardNameIn);
        } else {
            throw new Error("No token provided");
        }
@ -57,25 +57,34 @@ function getBoardnamefromToken(token, boardNameIn) {
    if (config.AUTH_SECRET_KEY != "") {
        var payload = jsonwebtoken.verify(token, config.AUTH_SECRET_KEY);
        var roles = payload.roles;
-        if (typeof roles === 'object'){
-            if (roles) {
-                for (var r in roles) {
-                    for (var i = 0; i<roles[r].length; i++){
-                        if (roles[r][i] === boardNameIn){
-                            return true;
-                        }
-                    }
-                }
-                throw new Error("No board name match");
+        var oneHasBoardName = false;
+        var oneHasCorretBoardname = false;

-            } else {
-                throw new Error("No board name provided");
+        var regex = new RegExp(":.*"+boardNameIn+"$","gm");
+        console.log(regex);
+        if (roles) {
+            for (var r in roles) {
+                var role = roles[r]
+
+                console.log(role);
+                if (role.includes(':')) {
+                    console.log('found :')
+                    oneHasBoardName = true;
+                }
+                if (role.match(regex)) {
+                    console.log('found Boardname')
+                    return true;
+                }
            }
-        }else {
-            return true;
+            if (!oneHasBoardName) {
+                return true;
+            }
+
+            throw new Error("No board name match");
+
+        } else {
+            throw new Error("No board name provided");
        }
-    } else {
-        return true;
    }
 }

--- a/server/jwtauth.js
+++ b/server/jwtauth.js
@ -56,20 +56,17 @@ function checkUserPermission(url) {
      var payload = jsonwebtoken.verify(token, config.AUTH_SECRET_KEY);
      var roles = payload.roles;
      if(roles) {
-
-        if (Array.isArray(roles) && roles.includes("moderator")){
-            return true
-        }
-        for (var r in roles) {
-            if (r==='moderator'){
-                return true
-            }
-        }
-        return false;
+          for (var r in roles) {
+              var role = roles[r]
+              if (role.match(/moderator/gm)) {
+                  return true;
+              }
+          return false;
        }
      } else {
        return false;
      }
  }
+ }

 module.exports = { checkUserPermission, checkIfModerator };