fix: keep apiKey encrypted in refresh operation (#13063) #13177
+48
−7
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
contip
force-pushed
the
fix/refresh-keeps-apiKey-encrypted
branch
from
91b6997 to
c76b5c2
Compare
contip
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
What?
Prevents decrypted apiKey from being saved back to database on the auth refresh operation.
Why?
References issue #13063: refreshing a token for a logged-in user decrypted
apiKeyand wrote it back in plaintext, corrupting the user record.How?
The user is now fetched with
db.findOneinstead offindByID, preserving the encryption of the key when saved back to the database usingdb.updateOne. The user record is then re-fetched usingfindByID, allowing for the decrypted key to be provided in the response.Tests
Fixes #13063