angular-fullstack/generator-angular-fullstack

Auth Function [signToken] - Parameter missing

Open

#971 opened on May 20, 2015

View on GitHub
 (2 comments) (0 reactions) (0 assignees)JavaScript (1,268 forks)batch import
Help Wanted

Repository metrics

Stars
 (6,134 stars)
PR merge metrics
 (No merged PRs in 30d)

Description

In file 'server/auth/auth.service.js' approx line 59, signToken function is missing user 'role' parameter.

function signToken(id) {
  return jwt.sign({ _id: id }, config.secrets.session, { expiresInMinutes: 60*5 });
}

should be:

function signToken(id, role) {
  return jwt.sign({ _id: id, role: role }, config.secrets.session, { expiresInMinutes: 60*5 });
}

Reason: the role variable is passed to it in nearly all calls of function. e.g.

function setTokenCookie(req, res) {
  if (!req.user) return res.json(404, { message: 'Something went wrong, please try again.'});
  var token = signToken(req.user._id, req.user.role);
  res.cookie('token', JSON.stringify(token));
  res.redirect('/');
}

Contributor guide