generate real tokens

pradel · pradel · commit 433c11401e57 · 2018-03-05T13:55:47.000+01:00
diff --git a/packages/server/src/accounts-server.ts b/packages/server/src/accounts-server.ts
@@ -12,7 +12,7 @@ import {
   ImpersonateReturnType,
   HookListener,
 } from '@accounts/common';
-import { generateAccessToken, generateRefreshToken } from './tokens';
+import { generateAccessToken, generateRefreshToken, generateRandomToken } from './tokens';
 import { emailTemplates, EmailTemplateType, sendMail } from './email';
 import {
   AccountsServerOptions,
@@ -186,13 +186,12 @@ export class AccountsServer {
     const { ip, userAgent } = infos;
 
     try {
-      // TODO get a random token
-      const token = '';
+      const token = generateRandomToken();
       const sessionId = await this.db.createSession(user.id, token, {
         ip,
         userAgent,
       });
-      const { accessToken, refreshToken } = this.createTokens(sessionId);
+      const { accessToken, refreshToken } = this.createTokens(token);
 
       const loginResult = {
         sessionId,
@@ -266,8 +265,7 @@ export class AccountsServer {
         return { authorized: false };
       }
 
-      // TODO get a random token
-      const token = '';
+      const token = generateRandomToken();
       const newSessionId = await this.db.createSession(
         impersonatedUser.id,
         token,
diff --git a/packages/server/src/tokens.ts b/packages/server/src/tokens.ts
@@ -1,7 +1,10 @@
 import * as jwt from 'jsonwebtoken';
 import { randomBytes } from 'crypto';
 
-export const generateRandomToken = (length: number = 43) =>
+/**
+ * Generate a random token string
+ */
+export const generateRandomToken = (length: number = 43): string =>
   randomBytes(length).toString('hex');
 
 export const generateAccessToken = ({
