fix: correct admin unsuccessful login to dashboard

authcompanion · Nov 12, 2023 · beede9f · beede9f
1 parent 0393b74
commit beede9f
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 4 deletions.
diff --git a/services/admin/users/login.js b/services/admin/users/login.js
@@ -1,4 +1,4 @@
-import { verifyValueWithHash } from "../../../utils/credential.js";
+import { verifyValueWithHash, secureCookie } from "../../../utils/credential.js";
 import { makeAdminToken, makeAdminRefreshtoken } from "../../../utils/jwt.js";
 import config from "../../../config.js";
 
@@ -52,6 +52,11 @@ export const loginHandler = async function (request, reply) {
     expireDate.setTime(expireDate.getTime() + 7 * 24 * 60 * 60 * 1000); // TODO: Make configurable now, set to 7 days
 
     reply.headers({
+      "set-cookie": [
+        `adminDashboardAccessToken=${adminAccessToken.token}; Path=/; Expires=${expireDate}; SameSite=${
+          config.SAMESITE
+        }; HttpOnly; ${secureCookie()}`,
+      ],
       "x-authc-app-origin": config.ADMINORIGIN,
     });
 

diff --git a/utils/authenticate.js b/utils/authenticate.js
@@ -56,14 +56,13 @@ export const authenticateWebAdminRequest = async function (request, reply) {
     const cookies = parse(request.headers.cookie);
 
     // Check if adminAccessToken token exists in the cookies
-    if (!cookies.adminAccessToken) {
+    if (!cookies.adminDashboardAccessToken) {
       reply.redirect("/v1/admin/login");
       throw { statusCode: "401", message: "Unauthorized, Please Login" };
     }
 
     // Validate the adminAccessToken token and get its payload
-    const fingerPrint = cookies["Fgp"];
-    const payload = await validateJWT(cookies.adminAccessToken, this.key, fingerPrint);
+    const payload = await validateJWT(cookies.adminDashboardAccessToken, this.key);
 
     // Check if the payload contains the admin scope
     if (!payload.scope.includes("admin")) {