eliminate parsing of jwt to support either jwt or api key (#124)

* eliminate parsing of jwt to support either jwt or api key * fixes for preventing non-authorized changes to users * update to AWS v3 api
2026-01-25 02:08:24 +00:00 · 2023-03-14 18:54:56 -04:00
parent aea7388ba0
commit c4cc6c51ee
6 changed files with 203 additions and 75 deletions
--- a/lib/auth/index.js
+++ b/lib/auth/index.js
@@ -99,7 +99,7 @@ const checkApiTokens = (logger, token, done) => {
        hasServiceProviderAuth: scope === 'service_provider',
        hasAccountAuth: scope === 'account'
      };
-      logger.info(user, `successfully validated with scope ${scope}`);
+      logger.debug({user}, `successfully validated with scope ${scope}`);
      return done(null, user, {scope});
    });
  });