Wrong number of parameters in signToken method

[remicastaing]

The method signToken from auth.service.js is always called with two parameters:

var token = signToken(req.user._id, req.user.role);

(in /app/templates/server/auth(auth)/local/index.js line 15 or in /app/templates/server/auth(auth)/auth.service.js line 68)

But the function just accepts one parameter:

/**
 * Returns a jwt token signed by the app secret
 */
function signToken(id) {
  return jwt.sign({ _id: id }, config.secrets.session, { expiresInMinutes: 60*5 });
}

Where are the informations user.id and user.role extrated out of the token and then used?

[remicastaing]

I mean auth.service.js on server side.

[meeDamian]

Good point. I'm currently rebuilding auth system, and I'll take that into account :).

[remicastaing]

Is the information user.id somewhere extracted from the token and then used?

[meeDamian]

Yes. I believe that's how jwt works.

If you have some spare time you can checkout my WIP on one-account here. Some things are in coffeescript, because that's faster for me, I'll convert it to vanilla JS a little bit later.

[remicastaing]

I will take a look tomorrow. Sometimes I had to sleep. ;)

signtoken put the userID in the token. But I find no place where this userID is taken out.

[meeDamian]

I believe it is addressed in #392