Make token API id based

we don't return the accessToken anymore
2019-02-15 13:57:18 -08:00
parent d62bf6812e
commit 08bb8e3df9
7 changed files with 112 additions and 49 deletions
--- a/src/accesscontrol.js
+++ b/src/accesscontrol.js
@@ -121,7 +121,7 @@ function validateToken(accessToken, callback) {
    assert.strictEqual(typeof accessToken, 'string');
    assert.strictEqual(typeof callback, 'function');

-    tokendb.get(accessToken, function (error, token) {
+    tokendb.getByAccessToken(accessToken, function (error, token) {
        if (error && error.reason === DatabaseError.NOT_FOUND) return callback(null, null /* user */, 'Invalid Token'); // will end up as a 401
        if (error) return callback(error); // this triggers 'internal error' in passport