Skip to content

Commit

Permalink
add null check when using auth header (#39)
Browse files Browse the repository at this point in the history
* add null check when using auth header

* add changelog

* update README
  • Loading branch information
jchartrand authored Mar 25, 2024
1 parent 1b26c63 commit f48270d
Show file tree
Hide file tree
Showing 3 changed files with 12 additions and 15 deletions.
6 changes: 0 additions & 6 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -5,12 +5,6 @@ CHECK OUT OUR [GETTING STARTED DOC](docs/GETTING_STARTED.md) FOR A STEP BY STEP
[![Release Branch](https://img.shields.io/badge/release_branch-main-green.svg)](https://github.com/digitalcredentials/admin-dashboard/tree/main)
[![License](https://img.shields.io/badge/license-mit-blue.svg)](https://github.com/digitalcredentials/admin-dashboard/blob/main/LICENSE)

<p float="left">
<img src="https://github.com/learningeconomy/admin-dashboard/assets/2185016/9926ded7-40e9-4f18-a89a-bd788274903e" width="200" />
<img src="https://github.com/learningeconomy/admin-dashboard/assets/2185016/31882ce0-ce6e-4661-8c42-e64958accfc3" width="350" height="0" />
<img src="https://github.com/learningeconomy/admin-dashboard/assets/2185016/31882ce0-ce6e-4661-8c42-e64958accfc3" width="350" />
</p>

A system for:

* uploading and managing credential data
Expand Down
7 changes: 7 additions & 0 deletions src/CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
# admin-dashboard Changelog

## 0.1.1 - 2024-03-25
### Changed
- fixed error when no auth header present PR #39

For previous history, see Git commits.
14 changes: 5 additions & 9 deletions src/endpoints/getCredentialLinks.ts
Original file line number Diff line number Diff line change
Expand Up @@ -12,18 +12,14 @@ const tenantName = process.env.TENANT_NAME ?? 'test';

export const getCredentialLinks: PayloadHandler = async (req, res) => {
let id: string;
let token: string;

const authHeader = req.headers.authorization;

if (!authHeader.startsWith('Bearer ')) return res.sendStatus(401);

const token = authHeader.split('Bearer ')[1];

try {
try {
const authHeader = req.headers.authorization;
if (authHeader && !authHeader.startsWith('Bearer ')) return res.sendStatus(401);
token = authHeader.split('Bearer ')[1];
const decoded = jwt.verify(token, secret);

if (typeof decoded === 'string' || !decoded.id) return res.sendStatus(401);

id = decoded.id;
} catch (error) {
return res.sendStatus(401);
Expand Down

0 comments on commit f48270d

Please sign in to comment.