feat: remove auth token validation and use just admin and store token

vtex-apps · Dec 14, 2023 · e98efe3 · e98efe3
1 parent 10a8fc2
commit e98efe3
Showing 1 changed file with 2 additions and 12 deletions.
diff --git a/node/directives/checkUserAccess.ts b/node/directives/checkUserAccess.ts
@@ -8,11 +8,11 @@ export async function checkUserOrAdminTokenAccess(
   operation?: string
 ) {
   const {
-    vtex: { adminUserAuthToken, storeUserAuthToken, logger, authToken },
+    vtex: { adminUserAuthToken, storeUserAuthToken, logger },
     clients: { identity, vtexId },
   } = ctx
 
-  if (!adminUserAuthToken && !storeUserAuthToken && !authToken) {
+  if (!adminUserAuthToken && !storeUserAuthToken) {
     logger.warn({
       message: `CheckUserAccess: No admin or store token was provided`,
       operation,
@@ -55,16 +55,6 @@ export async function checkUserOrAdminTokenAccess(
     if (!authUser) {
       throw new ForbiddenError('Unauthorized Access')
     }
-  } else if (authToken) {
-    try {
-      await identity.validateToken({ token: authToken })
-    } catch (err) {
-      logger.warn({
-        error: err,
-        message: 'CheckUserAccess: Invalid admin token',
-      })
-      throw new ForbiddenError('Unauthorized Access')
-    }
   }
 }