From fa8976c98f5702c68bc002870a09b53dfef3b7c2 Mon Sep 17 00:00:00 2001
From: Aurelsicoko
Date: Thu, 18 Jan 2018 11:13:44 +0100
Subject: [PATCH] Fix infinite login
---
 .../config/policies/permissions.js | 4 ++--
 .../config/queries/mongoose.js | 2 +-
 packages/strapi-plugin-users-permissions/controllers/User.js | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/packages/strapi-plugin-users-permissions/config/policies/permissions.js b/packages/strapi-plugin-users-permissions/config/policies/permissions.js
index 7a390a45b4..ff74408130 100644
--- a/packages/strapi-plugin-users-permissions/config/policies/permissions.js
+++ b/packages/strapi-plugin-users-permissions/config/policies/permissions.js
@@ -3,9 +3,9 @@ module.exports = async (ctx, next) => {
 if (ctx.request && ctx.request.header && ctx.request.header.authorization) {
 try {
- const token = await strapi.plugins['users-permissions'].services.jwt.getToken(ctx);
+ const { _id, id } = await strapi.plugins['users-permissions'].services.jwt.getToken(ctx);
- ctx.state.user = await strapi.query('user', 'users-permissions').findOne({ _id, id } = token, ['role'])
+ ctx.state.user = await strapi.query('user', 'users-permissions').findOne({ _id, id }, ['role']);
 } catch (err) {
 return ctx.unauthorized(err);
 }
diff --git a/packages/strapi-plugin-users-permissions/config/queries/mongoose.js b/packages/strapi-plugin-users-permissions/config/queries/mongoose.js
index aab2444afe..7de380e672 100644
--- a/packages/strapi-plugin-users-permissions/config/queries/mongoose.js
+++ b/packages/strapi-plugin-users-permissions/config/queries/mongoose.js
@@ -23,7 +23,7 @@ module.exports = {
 } else if (params.id) {
 delete params.id;
 }
-
+
 return this
 .findOne(params)
 .populate(populate || this.associations.map(x => x.alias).join(' '));
diff --git a/packages/strapi-plugin-users-permissions/controllers/User.js b/packages/strapi-plugin-users-permissions/controllers/User.js
index 15f1c242be..78588dfde5 100644
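Review bot: In config/policies/permissions.js the new lookup `findOne({ _id, id }, ['role'])` runs without checking that the verified token payload actually carried an identifier, and nothing in the hunk checks that a user was found before `ctx.state.user` is trusted. If both `_id` and `id` are undefined the filter has no usable key, and depending on how the query layer and the ORM treat undefined values this may match an unintended record instead of failing, so it is worth confirming. I would add `if (_id === undefined && id === undefined) { throw new Error('Token payload has no user id'); }` before the query, so the existing `catch` answers 401, and reject the request when the lookup returns nothing. Separately, `ctx.unauthorized(err)` passes the raw error object back to the caller; a fixed message would avoid leaking verification details. The policy function starts before this hunk and continues after it.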
--- a/packages/strapi-plugin-users-permissions/controllers/User.js
+++ b/packages/strapi-plugin-users-permissions/controllers/User.js
@@ -39,7 +39,7 @@ module.exports = {
 if (!user) {
 return ctx.badRequest(null, [{ messages: [{ id: 'No authorization header was found' }] }]);
 }
-
+
 const data = _.omit(user.toJSON ? user.toJSON() : user, ['password', 'resetPasswordToken']);
 // Send 200 `ok`