Create seperate database table for AccessTokens to hide jwt token and tokenId from user

2025-10-05 02:29:26 +02:00 · 2015-11-26 02:36:09 +09:00 · 2015-11-26 02:36:09 +09:00 · 9cb231391a
commit 9cb231391a
parent 62413b3780
11 changed files with 97 additions and 71 deletions
--- a/lib/units/websocket/index.js
+++ b/lib/units/websocket/index.js
@ -352,14 +352,13 @@ module.exports = function(options) {

          return dbapi.saveUserAccessToken(user.email, {
            title: title
-          , tokenId: tokenId
+          , id: tokenId
          , jwt: jwt
          })
            .then(function() {
              socket.emit('user.keys.accessToken.generated', {
                title: title
              , tokenId: tokenId
-              , jwt: jwt
              })
            })
        })