aboutsummaryrefslogtreecommitdiff
path: root/src/server/ApiManagers/SessionManager.ts
diff options
context:
space:
mode:
authorbob <bcz@cs.brown.edu>2020-01-16 16:15:29 -0500
committerbob <bcz@cs.brown.edu>2020-01-16 16:15:29 -0500
commitcadaaa1940dc46a50c5a83c63b1c81558fe76f25 (patch)
tree43481514863bbbd1a904028a05559360fb67d27f /src/server/ApiManagers/SessionManager.ts
parente183f40509edec426b6519fe77590792c1f3f346 (diff)
parent406045dfba072ad8d47ef513cd514f5b857f4104 (diff)
Merge branch 'master' of https://github.com/browngraphicslab/Dash-Web
Diffstat (limited to 'src/server/ApiManagers/SessionManager.ts')
-rw-r--r--src/server/ApiManagers/SessionManager.ts7
1 files changed, 3 insertions, 4 deletions
diff --git a/src/server/ApiManagers/SessionManager.ts b/src/server/ApiManagers/SessionManager.ts
index a99aa05e0..f1629b8f0 100644
--- a/src/server/ApiManagers/SessionManager.ts
+++ b/src/server/ApiManagers/SessionManager.ts
@@ -8,16 +8,15 @@ const permissionError = "You are not authorized!";
export default class SessionManager extends ApiManager {
- private secureSubscriber = (root: string, ...params: string[]) => new RouteSubscriber(root).add("sessionKey", ...params);
+ private secureSubscriber = (root: string, ...params: string[]) => new RouteSubscriber(root).add("session_key", ...params);
private authorizedAction = (handler: SecureHandler) => {
return (core: AuthorizedCore) => {
- const { req, res, isRelease } = core;
- const { sessionKey } = req.params;
+ const { req: { params }, res, isRelease } = core;
if (!isRelease) {
return res.send("This can be run only on the release server.");
}
- if (sessionKey !== process.env.session_key) {
+ if (params.session_key !== process.env.session_key) {
return _permission_denied(res, permissionError);
}
return handler(core);
generated by cgit v1.2.3-70-g09d2 (git 2.46.0) at 2025-10-08 19:26:32 +0000