Commit d4cf14ec authored by Kasper Seweryn's avatar Kasper Seweryn 🥞 Committed by Kasper Seweryn
Browse files

Remove JWT leftovers

parent 00158f25
...@@ -666,18 +666,17 @@ export default { ...@@ -666,18 +666,17 @@ export default {
// so authentication can be checked by the backend // so authentication can be checked by the backend
// because for audio files we cannot use the regular Authentication // because for audio files we cannot use the regular Authentication
// header // header
let param = 'jwt' return sources.map(source => {
let value = this.$store.state.auth.token source.url = updateQueryString(
if (this.$store.state.auth.scopedTokens && this.$store.state.auth.scopedTokens.listen) { source.url,
// used scoped tokens instead of JWT to reduce the attack surface if the token 'token',
// is leaked this.$store.state.auth.scopedTokens.listen
param = 'token' )
value = this.$store.state.auth.scopedTokens.listen
} return source
sources.forEach(e => {
e.url = updateQueryString(e.url, param, value)
}) })
} }
return sources return sources
}, },
......
...@@ -310,25 +310,19 @@ export default { ...@@ -310,25 +310,19 @@ export default {
return null return null
}, },
downloadUrl () { downloadUrl () {
let u = this.$store.getters['instance/absoluteUrl']( const url = this.$store.getters['instance/absoluteUrl'](
this.upload.listen_url this.upload.listen_url
) )
if (this.$store.state.auth.authenticated) { if (this.$store.state.auth.authenticated) {
let param = 'jwt' return updateQueryString(
let value = this.$store.state.auth.token url,
if (this.$store.state.auth.scopedTokens && this.$store.state.auth.scopedTokens.listen) { 'token',
// used scoped tokens instead of JWT to reduce the attack surface if the token encodeURI(this.$store.state.auth.scopedTokens.listen)
// is leaked
param = 'token'
value = this.$store.state.auth.scopedTokens.listen
}
u = updateQueryString(
u,
param,
encodeURI(value)
) )
} }
return u
return url
}, },
attributedToUrl () { attributedToUrl () {
const route = this.$router.resolve({ const route = this.$router.resolve({
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment