search

appy-one / acebase-server

A fast, low memory, transactional, index & query enabled NoSQL database server for node.js that easily syncs with browser and node.js clients and servers
MIT License
31 stars 14 forks source link

(esm) TypeError: Cannot read properties of undefined (reading 'uid') #69

Closed donl closed 1 year ago

donl commented 1 year ago

I don't think I was doing anything special code-wise... Just poking around on the client while not being signed in. Doesn't seem to happen 100% repeatably. 

file:///app/node_modules/acebase-server/dist/esm/middleware/user.js:28
            req.user = env.authCache.get(tokenDetails.uid);
                                                      ^

TypeError: Cannot read properties of undefined (reading 'uid')
    at file:///app/node_modules/acebase-server/dist/esm/middleware/user.js:28:55
    at Layer.handle [as handle_request] (/app/node_modules/express/lib/router/layer.js:95:5)
    at trim_prefix (/app/node_modules/express/lib/router/index.js:328:13)
    at /app/node_modules/express/lib/router/index.js:286:9
    at Function.process_params (/app/node_modules/express/lib/router/index.js:346:12)
    at next (/app/node_modules/express/lib/router/index.js:280:10)
    at file:///app/node_modules/acebase-server/dist/esm/middleware/cache.js:7:9
    at Layer.handle [as handle_request] (/app/node_modules/express/lib/router/layer.js:95:5)
    at trim_prefix (/app/node_modules/express/lib/router/index.js:328:13)
    at /app/node_modules/express/lib/router/index.js:286:9
    at Function.process_params (/app/node_modules/express/lib/router/index.js:346:12)
    at next (/app/node_modules/express/lib/router/index.js:280:10)
    at file:///app/node_modules/acebase-server/dist/esm/middleware/cors.js:41:9
    at Layer.handle [as handle_request] (/app/node_modules/express/lib/router/layer.js:95:5)
    at trim_prefix (/app/node_modules/express/lib/router/index.js:328:13)
    at /app/node_modules/express/lib/router/index.js:286:9

Node.js v18.11.0
appy-one commented 1 year ago

Thanks @donl I'll take a look

appy-one commented 1 year ago

@donl it appears the issue is caused by a client sending a request with an invalid user token. The function parsing the token doesn't throw on unexpected input at https://github.com/appy-one/acebase-server/blob/master/src/shared/tokens.ts#L35

I'll fix this tomorrow!

appy-one commented 1 year ago

I published the fix in v1.16.2, thanks for reporting @donl!