Merge pull request #570 from thelounge/astorije/569-fix-auth

Make sure users with wrong tokens are locked out instead of crashing the app
2016-08-21 16:13:10 +03:00 · 2016-08-21 16:13:10 +03:00 · eabc808565
commit eabc808565
parent ed9c257e4f 40b8f0c293
1 changed files with 2 additions and 2 deletions
--- a/src/server.js
+++ b/src/server.js
@ -286,10 +286,10 @@ function auth(data) {
 		}
 	} else {
 		client = manager.findClient(data.user, data.token);
-		var signedIn = data.token && data.token === client.config.token;
+		var signedIn = data.token && client && data.token === client.config.token;
 		var token;

-		if (data.remember || data.token) {
+		if (client && (data.remember || data.token)) {
 			token = client.config.token;
 		}