fix: security flaw on auth tokens, error handling

2021-04-06 19:12:36 +01:00 · 2021-04-06 19:12:36 +01:00 · c00249586d
commit c00249586d
parent 40974dd501
12 changed files with 185 additions and 144 deletions
--- a/new-lamassu-admin/src/pages/Authentication/Register.js
+++ b/new-lamassu-admin/src/pages/Authentication/Register.js
@ -27,8 +27,18 @@ const VALIDATE_REGISTER_LINK = gql`
 `

 const REGISTER = gql`
-  mutation register($username: String!, $password: String!, $role: String!) {
-    register(username: $username, password: $password, role: $role)
+  mutation register(
+    $token: String!
+    $username: String!
+    $password: String!
+    $role: String!
+  ) {
+    register(
+      token: $token
+      username: $username
+      password: $password
+      role: $role
+    )
  }
 `

@ -117,6 +127,7 @@ const Register = () => {
                  onSubmit={values => {
                    register({
                      variables: {
+                        token: token,
                        username: username,
                        password: values.password,
                        role: role