Update

2020-05-15 18:28:27 +01:00 · 2020-05-15 18:28:27 +01:00 · eab73be3e5
commit eab73be3e5
parent ab8eaf2698
2 changed files with 9 additions and 17 deletions
--- a/functions/views/js/fAuth.js
+++ b/functions/views/js/fAuth.js
@ -7,7 +7,7 @@ function checkAuth(){

 			firebase.auth().currentUser.getIdToken().then(function(idToken) {
 				let url = 'login-user-api'
-				let data = {uToken: idToken, user: user}
+				let data = {uToken: idToken}
 				let postData = {method: 'POST', body: JSON.stringify(data),headers: {'Content-Type': 'application/json'}}
 				fetch(url, postData)
 				.then(response => response.json())
--- a/server.js
+++ b/server.js
@ -376,24 +376,16 @@ app.post('/sold-api', async function(request, responce){
 })

 app.post('/login-user-api', function(request, responce){
-	if (request.body.uToken && request.body.user) {
+	if (request.body.uToken) {
 		admin.auth().verifyIdToken(request.body.uToken)
 			.then(async function(decodedToken) {
-				let user = request.body.user
 				let uid = decodedToken.uid
-
-				if (uid != user.uid){
-					responce.send({success:false, error:'Stop hacking'})
-				}
-				else {
-					let rsp = await checkNewUser(user)
+				let rsp = await checkNewUser(uid)
 				responce.send(rsp)
-				}
 			})
-			.catch(function(error) {
-				responce.send({success:false, error:'invalid auth token'})
-				console.log(error)
-			});
+			.catch(e=>{
+				responce.send({success:false, error:'invalid auth token, ' + e})
+			})
 	}
 	else {
 		responce.send({success:false, error: 'invalid data'})
@ -520,8 +512,8 @@ async function authCheck(token) {
 	return uid
 }

-async function checkNewUser(user){
-	let snapshot = await checkUserExists(user.uid)
+async function checkNewUser(uid){
+	let snapshot = await checkUserExists(uid)
 	if (snapshot){
 		let users = snapshot.val()
 		let keys = Object.keys(users)