From 127b5b05353884cd6dab77f3bde7a3a5159bb391 Mon Sep 17 00:00:00 2001
From: Pranav C <pranavxc@gmail.com>
Date: Thu, 9 Feb 2023 16:34:45 +0530
Subject: [PATCH] fix(nocodb): remove acl for refresh token endpoint

Signed-off-by: Pranav C <pranavxc@gmail.com>
---
 packages/nocodb/src/lib/meta/api/userApi/userApis.ts | 12 +++---------
 1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/packages/nocodb/src/lib/meta/api/userApi/userApis.ts b/packages/nocodb/src/lib/meta/api/userApi/userApis.ts
index e72f673fe1..0ce346ead7 100644
--- a/packages/nocodb/src/lib/meta/api/userApi/userApis.ts
+++ b/packages/nocodb/src/lib/meta/api/userApi/userApis.ts
@@ -533,7 +533,7 @@ const mapRoutes = (router) => {
     '/user/password/change',
     ncMetaAclMw(passwordChange, 'passwordChange')
   );
-  router.post('/auth/token/refresh', ncMetaAclMw(refreshToken, 'refreshToken'));
+  router.post('/auth/token/refresh', catchError(refreshToken));
 
   /* Google auth apis */
 
@@ -572,10 +572,7 @@ const mapRoutes = (router) => {
     '/api/v1/db/auth/password/change',
     ncMetaAclMw(passwordChange, 'passwordChange')
   );
-  router.post(
-    '/api/v1/db/auth/token/refresh',
-    ncMetaAclMw(refreshToken, 'refreshToken')
-  );
+  router.post('/api/v1/db/auth/token/refresh', catchError(refreshToken));
   router.get(
     '/api/v1/db/auth/password/reset/:tokenId',
     catchError(renderPasswordReset)
@@ -606,10 +603,7 @@ const mapRoutes = (router) => {
     '/api/v1/auth/password/change',
     ncMetaAclMw(passwordChange, 'passwordChange')
   );
-  router.post(
-    '/api/v1/auth/token/refresh',
-    ncMetaAclMw(refreshToken, 'refreshToken')
-  );
+  router.post('/api/v1/auth/token/refresh', catchError(refreshToken));
   // respond with password reset page
   router.get('/auth/password/reset/:tokenId', catchError(renderPasswordReset));
 };