Remove JWT leftovers

2022-04-23 10:19:13 +02:00 · 2022-04-23 10:19:13 +02:00 · 4528c5edff
parent 9fcc745e3c
commit 4528c5edff
2 changed files with 17 additions and 24 deletions
--- a/front/src/components/audio/Player.vue
+++ b/front/src/components/audio/Player.vue
@ -666,18 +666,17 @@ export default {
        // so authentication can be checked by the backend
        // because for audio files we cannot use the regular Authentication
        // header
-        let param = 'jwt'
-        let value = this.$store.state.auth.token
-        if (this.$store.state.auth.scopedTokens && this.$store.state.auth.scopedTokens.listen) {
-          // used scoped tokens instead of JWT to reduce the attack surface if the token
-          // is leaked
-          param = 'token'
-          value = this.$store.state.auth.scopedTokens.listen
-        }
-        sources.forEach(e => {
-          e.url = updateQueryString(e.url, param, value)
+        return sources.map(source => {
+          source.url = updateQueryString(
+            source.url,
+            'token',
+            this.$store.state.auth.scopedTokens.listen
+          )
+
+          return source
        })
      }
+
      return sources
    },

--- a/front/src/components/library/TrackBase.vue
+++ b/front/src/components/library/TrackBase.vue
@ -310,25 +310,19 @@ export default {
      return null
    },
    downloadUrl () {
-      let u = this.$store.getters['instance/absoluteUrl'](
+      const url = this.$store.getters['instance/absoluteUrl'](
        this.upload.listen_url
      )
+
      if (this.$store.state.auth.authenticated) {
-        let param = 'jwt'
-        let value = this.$store.state.auth.token
-        if (this.$store.state.auth.scopedTokens && this.$store.state.auth.scopedTokens.listen) {
-          // used scoped tokens instead of JWT to reduce the attack surface if the token
-          // is leaked
-          param = 'token'
-          value = this.$store.state.auth.scopedTokens.listen
-        }
-        u = updateQueryString(
-          u,
-          param,
-          encodeURI(value)
+        return updateQueryString(
+          url,
+          'token',
+          encodeURI(this.$store.state.auth.scopedTokens.listen)
        )
      }
-      return u
+
+      return url
    },
    attributedToUrl () {
      const route = this.$router.resolve({