Open
Description
In `server/auth/auth.service.js`, at approximately line 59, the `signToken` function is missing the user `role` parameter:
function signToken(id) {
return jwt.sign({ _id: id }, config.secrets.session, { expiresInMinutes: 60*5 });
}
It should be:
function signToken(id, role) {
return jwt.sign({ _id: id, role: role }, config.secrets.session, { expiresInMinutes: 60*5 });
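}
Reason: the role is already passed as a second argument in nearly all calls of the function, but because `signToken` declares only `id`, that argument is silently dropped and the role never reaches the token payload. Note that a role carried in the token stays in effect for the token's full lifetime (5 hours here), so any code that reads the role from the token rather than from the user record will not see a role change until the token expires. An example call: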
function setTokenCookie(req, res) {
if (!req.user) return res.json(404, { message: 'Something went wrong, please try again.'});
var token = signToken(req.user._id, req.user.role);
res.cookie('token', JSON.stringify(token));
res.redirect('/');
}