send empty array for user permissions if null

ref #12
2020-12-09 18:46:09 +01:00 · 2020-12-09 18:46:09 +01:00 · 02236caa41
parent 2d603a1467
commit 02236caa41
2 changed files with 2 additions and 0 deletions
--- a/src/models/actions/CreateAuth.ts
+++ b/src/models/actions/CreateAuth.ts
@ -35,6 +35,7 @@ export class CreateAuth {
            const found_user = found_users[0]
            if (await argon2.verify(found_user.password, this.password + found_user.uuid)) {
                const timestamp_accesstoken_expiry = Math.floor(Date.now() / 1000) + 5 * 60
+                found_user.permissions = found_user.permissions || []
                delete found_user.password;
                newAuth.access_token = jsonwebtoken.sign({
                    userdetails: found_user,
--- a/src/models/actions/RefreshAuth.ts
+++ b/src/models/actions/RefreshAuth.ts
@ -28,6 +28,7 @@ export class RefreshAuth {
        if (found_user.refreshTokenCount !== decoded["refreshtokencount"]) {
            throw new RefreshTokenCountInvalidError()
        }
+        found_user.permissions = found_user.permissions || []
        delete found_user.password;
        const timestamp_accesstoken_expiry = Math.floor(Date.now() / 1000) + 5 * 60
        delete found_user.password;