
Commit d8e2e73

authored
feat: jwt invalidation (#197)
1 parent ab440ab commit d8e2e73


1 file changed

+8
-5
lines changed
  • packages/backend/src/api/v1/auth

1 file changed

+8
-5
lines changed

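--- a/packages/backend/src/api/v1/auth/utils.ts
+++ b/packages/backend/src/api/v1/auth/utils.ts
@@ -126,10 +126,7 @@ export async function authMiddleware(ctx: Context, next: Next) {
 // Check if API key is valid
 // Support passing as bearer because legacy SDKs did that
 else if (validateUUID(key)) {
-console.log("key", key)
-
 const { type, projectId, orgId } = await checkApiKey(ctx, key as string)
-console.log({ type, projectId, orgId })
 
 ctx.state.projectId = projectId
 ctx.state.orgId = orgId
@@ -152,12 +149,18 @@ export async function authMiddleware(ctx: Context, next: Next) {
 ctx.state.userId = payload.userId
 ctx.state.orgId = payload.orgId
 
+const [user] =
+await sql`select * from account where id = ${ctx.state.userId}`
+if (!user) {
+ctx.throw(401, "This account no longer exists")
+}
+
 if (ctx.state.projectId) {
 // Check if user has access to project
 
 const [project] = await sql`
-select * from account_project where account_id = ${ctx.state.userId} and project_id = ${ctx.state.projectId}
-`
+select * from account_project where account_id = ${ctx.state.userId} and project_id = ${ctx.state.projectId}
+`
 
 if (!project) {
 throw new Error("Project not found")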
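Review bot: The account lookup added at new lines 152-156 only rejects a token whose account row is gone, while `ctx.state.orgId` is still copied from `payload.orgId` two lines above it, so a token issued before an account changed organisation would presumably keep its old org scope until it expires. Since the row is now loaded on every request, it would be cheap to compare the row's organisation with the claim and reject with 401 on mismatch; the column name is not visible in this hunk, so that check is described rather than quoted. The lookup also only needs to prove existence, so `select id from account where id = ${ctx.state.userId}` would avoid pulling every account column (possibly credential fields) into memory per request. For consistency with the new `ctx.throw(401, ...)`, the existing `throw new Error("Project not found")` at new line 166 could use `ctx.throw` with an explicit status as well, since a bare Error will most likely surface as a 500. authMiddleware starts and ends outside both hunks.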
