Commit 3ef10b56 authored by antoine masson's avatar antoine masson
Browse files

v1.06

Fix bug in access token 
parent aee71502
......@@ -176,20 +176,20 @@ exports.loginToken = async (req, res) => {
};
exports.accessToken = async (req, res) => {
if(await Survey.isAccessToken(req.body.survey_id)){
try{
// try{
const survey = await Survey.findById(req.body.survey_id)
let spoc= await survey.poc
if(!survey.status && !token.test){
let token = await Token.findOne({ token:req.body.token });
if(!survey.status && (!token || !token.test)){
return res
.status(201)
.json({ message: "Survey not online" ,poc:spoc,status: "Error"});
}
if(!survey.enable && !token.test){
if(!survey.general.enable && (!token ||!token.test)){
return res
.status(201)
.json({ message: "Survey disabled" ,poc:spoc,status: "Error"});
}
let token = await Token.findOne({ token:req.body.token });
if (!token) { //create new token if doesn't exist
const newtoken = new Token({
token: req.body.token,
......@@ -209,9 +209,9 @@ exports.accessToken = async (req, res) => {
}
const authtoken = await token.generateAuthToken();
res.status(201).json({ token:authtoken, message : "Succeeded Login", status: "OK"});
} catch(err){
res.status(400).json({ message: err,status:"Error"});
}
// } catch(err){
// res.status(400).json({ message: err,status:"Error"});
// }
} else {
const gopt = await GlobalOptions.findById(0,{poc:1});
res.status(400).json({ message: "Forbidden Operation",poc:gopt.poc,status:"Error"});
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment