From 6ed9bafc73c99010ac4f4e07122e296c0db7547c Mon Sep 17 00:00:00 2001
From: ShahanaFarooqui <shahana.farooqui@gmail.com>
Date: Sun, 24 Feb 2019 09:28:02 -0500
Subject: [PATCH] Update authenticate.js

---
 controllers/authenticate.js | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/controllers/authenticate.js b/controllers/authenticate.js
index dbdce45a..9e8a5d4a 100644
--- a/controllers/authenticate.js
+++ b/controllers/authenticate.js
@@ -26,9 +26,10 @@ exports.authenticateUserWithCookie = (req, res, next) => {
 };
 
 exports.authenticateUser = (req, res, next) => {
-  password = atob(req.body.password);
   if(+common.rtl_sso) {
-    if (common.cookie === password) {
+    const access_key = req.cookies['access-key'];
+    res.clearCookie("access-key");
+    if (common.cookie === access_key) {
       const token = jwt.sign(
         { user: 'Custom_User', lndConfigPath: common.lnd_config_path, macaroonPath: common.macaroon_path },
         'default_secret_key'
@@ -41,6 +42,7 @@ exports.authenticateUser = (req, res, next) => {
       });
     }
   } else {
+    password = atob(req.body.password);
     if(upperCase(common.node_auth_type) === 'CUSTOM') {
       if (common.rtl_pass === password) {
         var rpcUser = 'Custom_User';
@@ -89,4 +91,4 @@ exports.authenticateUser = (req, res, next) => {
       });
     }
   }
-};
\ No newline at end of file
+};