From b3e27ed1b9881a725c9ea02151e929a037e3a71e Mon Sep 17 00:00:00 2001
From: "D. Berge" <dberge@aaltronav.eu>
Date: Thu, 24 Jul 2025 19:15:36 +0200
Subject: [PATCH] Refactor `auth.authentify`.

We now get the user's details directly from the JWT token.
---
 lib/www/server/api/middleware/auth/authentify.js | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/lib/www/server/api/middleware/auth/authentify.js b/lib/www/server/api/middleware/auth/authentify.js
index bd75486..8be7a14 100644
--- a/lib/www/server/api/middleware/auth/authentify.js
+++ b/lib/www/server/api/middleware/auth/authentify.js
@@ -78,11 +78,10 @@ async function auth (req, res, next) {
 			if (req.user.exp) {
 				const ttl = req.user.exp - Date.now()/1000;
 				if (ttl < cfg.jwt.options.expiresIn/2) {
-					const credentials = cfg._("global.users.login.user").find(i => i.name == req.user.name && i.role == req.user.role);
+					const credentials = await user.get(req.user.id);
 					if (credentials) {
 						// Refresh token
 						payload = Object.assign({}, credentials);
-						delete payload.hash;
 						jwt.issue(Object.assign({}, credentials), req, res);
 					}
 				}