mirror of
https://github.com/danny-avila/LibreChat.git
synced 2025-09-22 06:00:56 +02:00
3547873bc4
* refactor: `packages/api` build scripts for better inline debugging * refactor: Explicitly select secure fields as no longer returned by default, exclude backupCodes from user data retrieval in authentication and 2FA processes * refactor: Backup Codes UI to not expect backup codes, only regeneration * refactor: Ensure secure fields are deleted from user data in getUserController
33 lines
1 KiB
JavaScript
33 lines
1 KiB
JavaScript
const { logger } = require('@librechat/data-schemas');
|
|
const { SystemRoles } = require('librechat-data-provider');
|
|
const { Strategy: JwtStrategy, ExtractJwt } = require('passport-jwt');
|
|
const { getUserById, updateUser } = require('~/models');
|
|
|
|
// JWT strategy
|
|
const jwtLogin = () =>
|
|
new JwtStrategy(
|
|
{
|
|
jwtFromRequest: ExtractJwt.fromAuthHeaderAsBearerToken(),
|
|
secretOrKey: process.env.JWT_SECRET,
|
|
},
|
|
async (payload, done) => {
|
|
try {
|
|
const user = await getUserById(payload?.id, '-password -__v -totpSecret -backupCodes');
|
|
if (user) {
|
|
user.id = user._id.toString();
|
|
if (!user.role) {
|
|
user.role = SystemRoles.USER;
|
|
await updateUser(user.id, { role: user.role });
|
|
}
|
|
done(null, user);
|
|
} else {
|
|
logger.warn('[jwtLogin] JwtStrategy => no user found: ' + payload?.id);
|
|
done(null, false);
|
|
}
|
|
} catch (err) {
|
|
done(err, false);
|
|
}
|
|
},
|
|
);
|
|
|
|
module.exports = jwtLogin;
|