Merge pull request #2413 from nocodb/fix/token-version-on-signup

fix: add missing token_version

packages/nocodb/src/lib/meta/api/projectUserApis.ts

@@ -15,6 +15,7 @@ import NcPluginMgrv2 from '../helpers/NcPluginMgrv2';
 import Noco from '../../Noco';
 import { PluginCategory } from 'nocodb-sdk';
 import { metaApiMetrics } from '../helpers/apiMetrics';
+import { randomTokenString } from '../helpers/stringHelpers';
 
 async function userList(req, res) {
   res.json({
@@ -101,7 +102,8 @@ async function userInvite(req, res, next): Promise<any> {
           invite_token,
           invite_token_expires: new Date(Date.now() + 24 * 60 * 60 * 1000),
           email,
-          roles: 'user'
+          roles: 'user',
+          token_version: randomTokenString()
         });
 
         // add user to project

packages/nocodb/src/lib/meta/api/userApi/helpers.ts

@@ -1,4 +1,5 @@
 import * as jwt from 'jsonwebtoken';
+import crypto from 'crypto';
 import User from '../../../models/User';
 import { NcConfig } from '../../../../interface/config';
 
@@ -16,3 +17,7 @@ export function genJwt(user: User, config: NcConfig) {
     config.auth.jwt.options
   );
 }
+
+export function randomTokenString(): string {
+  return crypto.randomBytes(40).toString('hex');
+}

packages/nocodb/src/lib/meta/api/userApi/initStrategies.ts

@@ -8,6 +8,7 @@ import passport from 'passport';
 import { ExtractJwt } from 'passport-jwt';
 import { Strategy as AuthTokenStrategy } from 'passport-auth-token';
 import { Strategy as GoogleStrategy } from 'passport-google-oauth20';
+import { randomTokenString } from '../../helpers/stringHelpers';
 
 const PassportLocalStrategy = require('passport-local').Strategy;
 
@@ -102,7 +103,11 @@ export function initStrategies(router): void {
         );
 
         if (cachedVal) {
-          if (cachedVal.token_version !== jwtPayload.token_version) {
+          if (
+            cachedVal.token_version &&
+            jwtPayload.token_version &&
+            cachedVal.token_version !== jwtPayload.token_version
+          ) {
             return done(new Error('Token Expired. Please login again.'));
           }
           return done(null, cachedVal);
@@ -110,7 +115,11 @@ export function initStrategies(router): void {
 
         User.getByEmail(jwtPayload?.email)
           .then(async user => {
-            if (user.token_version !== jwtPayload.token_version) {
+            if (
+              user.token_version &&
+              jwtPayload.token_version &&
+              user.token_version !== jwtPayload.token_version
+            ) {
               return done(new Error('Token Expired. Please login again.'));
             }
             if (req.ncProjectId) {
@@ -266,7 +275,8 @@ export function initStrategies(router): void {
                     password: '',
                     salt,
                     roles,
-                    email_verified: true
+                    email_verified: true,
+                    token_version: randomTokenString()
                   });
                   return done(null, user);
                 }

packages/nocodb/src/lib/meta/api/userApi/userApis.ts

@@ -11,7 +11,6 @@ import { Tele } from 'nc-help';
 
 const { v4: uuidv4 } = require('uuid');
 import Audit from '../../../models/Audit';
-import crypto from 'crypto';
 import NcPluginMgrv2 from '../../helpers/NcPluginMgrv2';
 
 import passport from 'passport';
@@ -20,6 +19,7 @@ import ncMetaAclMw from '../../helpers/ncMetaAclMw';
 import { MetaTable } from '../../../utils/globals';
 import Noco from '../../../Noco';
 import { genJwt } from './helpers';
+import { randomTokenString } from '../../helpers/stringHelpers';
 
 export async function signup(req: Request, res: Response<TableType>) {
   const {
@@ -243,10 +243,6 @@ async function googleSignin(req, res, next) {
   )(req, res, next);
 }
 
-function randomTokenString(): string {
-  return crypto.randomBytes(40).toString('hex');
-}
-
 function setTokenCookie(res, token): void {
   // create http only cookie with refresh token that expires in 7 days
   const cookieOptions = {

packages/nocodb/src/lib/meta/helpers/stringHelpers.ts

@@ -0,0 +1,5 @@
+import crypto from 'crypto';
+
+export function randomTokenString(): string {
+  return crypto.randomBytes(40).toString('hex');
+}