v0.0.22

middlewares/checkSessionToken.js

@@ -11,31 +11,32 @@ function * checkSessionToken(next) {
 
 	this.throwResponseErrorIfNeed(this.errors);
 
-	const user = yield * fetchUser.call(this, sessionToken);
-
-	this.throwResponseErrorIfNeed(!user, 'session token is invalid');
+	const user = yield fetchUser.call(this, sessionToken);
 
 	this.logger.log(__filename, 'user', user);
 
+	this.throwResponseErrorIfNeed(!user || !user.id, 'session token is invalid');
+
 	this.state.user = user;
 
 	yield next;
 }
 
-function * fetchUser(sessionToken) {
+function fetchUser(sessionToken) {
 	const queryString = `?service_id=${this.config.service.id}`;
-	const path = urlJoin('p', this.state.project.id, 'sessions', sessionToken);
+	const path = '/p/' + this.state.project.id + '/sessions/' + sessionToken;
 	const url = urlJoin(this.state.instance.auth_endpoint, path + queryString);
 
 	const salt = sha1(Date.now() + 'salt' + Date.now());
 	const signeableContent = path + queryString;
-	const signature = this.config.accessToken + signeableContent + salt;
+	const signature = sha1(this.config.accessToken + signeableContent + salt);
+	const headers = {'x-lvis-salt': salt, 'x-lvis-signature': signature};
+
+	this.logger.log(__filename, queryString, path, signeableContent, salt);
 
-	this.logger.log(__filename, 'fetch user url:', url);
+	this.logger.log(__filename, 'fetch user url:', url, 'headers:', headers);
 
-	yield fetch(url, {headers: {'X-LViS-Salt': salt, 'X-LViS-Signature': signature}})
-		.then(res => res.json())
-		.then(user => user && Object.assign(user, {sessionToken: sessionToken}));
+	return fetch(url, {headers: headers}).then(res => res.json());
 }
 
 module.exports = checkSessionToken;

package.json

 {
   "name": "service-sdk",
-  "version": "0.0.21",
+  "version": "0.0.22",
   "private": true,
   "description": "Service SDK for LViS",
   "keywords": [],