Merge pull request #1582 from umami-software/dev
Fixed share page issue.
This commit is contained in:
Mike Cao
GitHub
commit
94dc915272
14
lib/auth.js
14
lib/auth.js
|
|
@ -15,7 +15,7 @@ export function getAuthToken(req) {
|
|||
|
||||
export function getShareToken(req) {
|
||||
try {
|
||||
return parseSecureToken(req.headers[SHARE_TOKEN_HEADER], secret());
|
||||
return parseToken(req.headers[SHARE_TOKEN_HEADER], secret());
|
||||
} catch {
|
||||
return null;
|
||||
}
|
||||
|
|
@ -23,12 +23,10 @@ export function getShareToken(req) {
|
|||
|
||||
export function isValidToken(token, validation) {
|
||||
try {
|
||||
const result = parseToken(token, secret());
|
||||
|
||||
if (typeof validation === 'object') {
|
||||
return !Object.keys(validation).find(key => result[key] !== validation[key]);
|
||||
return !Object.keys(validation).find(key => token[key] !== validation[key]);
|
||||
} else if (typeof validation === 'function') {
|
||||
return validation(result);
|
||||
return validation(token);
|
||||
}
|
||||
} catch (e) {
|
||||
return false;
|
||||
|
|
@ -38,7 +36,7 @@ export function isValidToken(token, validation) {
|
|||
}
|
||||
|
||||
export async function allowQuery(req) {
|
||||
const { id: websiteId } = req.query;
|
||||
const { id } = req.query;
|
||||
|
||||
const { userId, isAdmin, shareToken } = req.auth ?? {};
|
||||
|
||||
|
|
@ -47,11 +45,11 @@ export async function allowQuery(req) {
|
|||
}
|
||||
|
||||
if (shareToken) {
|
||||
return isValidToken(shareToken, { websiteUuid: websiteId });
|
||||
return isValidToken(shareToken, { id });
|
||||
}
|
||||
|
||||
if (userId) {
|
||||
const website = await getWebsite({ websiteUuid: websiteId });
|
||||
const website = await getWebsite({ id });
|
||||
|
||||
return website && website.userId === userId;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ export const useAuth = createMiddleware(async (req, res, next) => {
|
|||
const token = await getAuthToken(req);
|
||||
const shareToken = await getShareToken(req);
|
||||
|
||||
if (!token) {
|
||||
if (!token && !shareToken) {
|
||||
return unauthorized(res);
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -1,6 +1,6 @@
|
|||
{
|
||||
"name": "umami",
|
||||
"version": "1.39.0",
|
||||
"version": "1.39.1",
|
||||
"description": "A simple, fast, privacy-focused alternative to Google Analytics.",
|
||||
"author": "Mike Cao <mike@mikecao.com>",
|
||||
"license": "MIT",
|
||||
|
|
|
|||
|
|
@ -9,10 +9,11 @@ export default async (req, res) => {
|
|||
const website = await getWebsiteByShareId(id);
|
||||
|
||||
if (website) {
|
||||
const { websiteId, websiteUuid } = website;
|
||||
const token = createToken({ websiteId, websiteUuid }, secret());
|
||||
const { websiteUuid } = website;
|
||||
const data = { id: websiteUuid };
|
||||
const token = createToken(data, secret());
|
||||
|
||||
return ok(res, { websiteId, websiteUuid, token });
|
||||
return ok(res, { ...data, token });
|
||||
}
|
||||
|
||||
return notFound(res);
|
||||
|
|
|
|||
|
|
@ -14,11 +14,9 @@ export default function SharePage() {
|
|||
return null;
|
||||
}
|
||||
|
||||
const { websiteUuid } = shareToken;
|
||||
|
||||
return (
|
||||
<Layout>
|
||||
<WebsiteDetails websiteId={websiteUuid} />
|
||||
<WebsiteDetails websiteId={shareToken.id} />
|
||||
</Layout>
|
||||
);
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue