From 5fd810122457b24d9a55c63e80a4ba6aab3993ab Mon Sep 17 00:00:00 2001
From: Midgard <midgard@zeus.ugent.be>
Date: Wed, 25 Mar 2020 22:17:24 +0100
Subject: [PATCH] Fix token validation

---
 index.html |  4 ++--
 main.js    | 10 ++++++++--
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/index.html b/index.html
index 967d483..1a615e8 100644
--- a/index.html
+++ b/index.html
@@ -12,8 +12,8 @@
 				<tr><th>Username</th><td><input type="text" id="username"/></td></tr>
 				<tr><th>Password</th><td><input type="password" id="password"/></td></tr>
 			</table>
-			<input type="button" onclick="this.disabled = true; this.value = 'Validating token'; validateToken(); return false" id="validate" value="Validate token"/> </input>(ignores username and password) <br/>
-			<input type="button" onclick="this.disabled = true; this.value = 'Logging in...'; logIn(); return false" value="Log in"/>
+			<input type="button" onclick="this.disabled = true; this.value = 'Logging in...'; logIn(); return false" value="Log in"/><br/>
+			<input type="button" onclick="this.disabled = true; this.value = 'Validating token'; validateToken(); return false" id="validate" value="Validate token"/> </input>(ignores username and password)
 		</form>
 		<script type="text/javascript" src="xhr.js"></script>
 		<script type="text/javascript" src="main.js"></script>
diff --git a/main.js b/main.js
index 12ae4e6..d2bbe09 100644
--- a/main.js
+++ b/main.js
@@ -30,7 +30,7 @@ class MattermostApi {
 	async validateToken(token) {
 		const response = await ajax.getJson(`${this.endpoint}/users/me`, {
 			headers: {
-				"Token": `Authorization: Bearer ${token}`
+				"Authorization": `Bearer ${token}`
 			}
 		});
 		if (!response.ok) {
@@ -85,8 +85,14 @@ function logIn() {
 function validateToken() {
 	let endpoint = normalizedEndpoint(byId("server").value);
 
+	let cred = getCredentials(endpoint);
+	if (!cred || !cred.token) {
+		byId("validate").value = "No token, log in first";
+		byId("validate").disabled = false;
+	}
+
 	let api = new MattermostApi(endpoint);
-	api.validateToken(getCredentials(endpoint))
+	api.validateToken(cred.token)
 		.then(() => {
 			byId("validate").value = "Validation succeeded";
 			byId("validate").disabled = false;