refactor(server scopes): use constants for tokens write scope

2023-07-26 13:51:24 +02:00
parent ab48fef46a
commit bd98b56e02
1 changed files with 2 additions and 1 deletions
@@ -14,6 +14,7 @@ const { revokeRefreshToken } = require(`@/modules/auth/services/apps`)
 const { validateScopes } = require(`@/modules/shared`)
 const { InvalidAccessCodeRequestError } = require('@/modules/auth/errors')
 const { ForbiddenError } = require('apollo-server-errors')
+const { Scopes } = require('@speckle/shared')

 // TODO: Secure these endpoints!
 module.exports = (app) => {
@@ -38,7 +39,7 @@ module.exports = (app) => {
      if (!valid) throw new InvalidAccessCodeRequestError('Invalid token')

      // 2. Validate token scopes
-      await validateScopes(scopes, 'tokens:write')
+      await validateScopes(scopes, Scopes.Tokens.Write)

      const ac = await createAuthorizationCode({ appId, userId, challenge })
      return res.redirect(`${app.redirectUrl}?access_code=${ac}`)