Hotfix

Zoltán Takács · Zoltán Takács · commit 4e3570c761b8 · 2019-03-27T09:32:07.000+01:00
diff --git a/src/login/renew.js b/src/login/renew.js
@@ -6,7 +6,7 @@ module.exports = (req, res) => {
   let userId = null;
 
   try {
-    userId = jwt.verify(token, 'almafa').userId;
+    userId = jwt.verify(prevJwt, 'almafa').userId;
   } catch {
     throw new Error('Unauthorized|401|UNAUTHORIZED');
   }
@@ -17,7 +17,9 @@ module.exports = (req, res) => {
     throw new Error('The resource could not be found.|404|NOT_FOUND');
   }
 
-  const token = jwt.sign({ userId: me.id }, 'almafa');
+  const token = jwt.sign({ userId: me.id }, 'almafa', {
+    expiresIn: '30 days'
+  });
 
   return res.send({ token, me });
 };
diff --git a/src/middlewares/auth.js b/src/middlewares/auth.js
@@ -24,7 +24,7 @@ const auth = (req, res, next) => {
 
 const checkPermission = permission => (req, res, next) => {
   if (!req.user.permissions.includes(permission)) {
-    throw new Error('You have no permission for that!|403|FORBIDDEN');
+    throw new Error('Permission denied|403|FORBIDDEN');
   }
 
   next();

Original file line number	Diff line number	Diff line change
`@@ -24,7 +24,7 @@ const auth = (req, res, next) => {`
`24`	`24`
`25`	`25`	`const checkPermission = permission => (req, res, next) => {`
`26`	`26`	`if (!req.user.permissions.includes(permission)) {`
`27`		`- throw new Error('You have no permission for that!\|403\|FORBIDDEN');`
	`27`	`+ throw new Error('Permission denied\|403\|FORBIDDEN');`
`28`	`28`	`}`
`29`	`29`
`30`	`30`	`next();`