Implementation of refresh tokens.

new route .../user/refreshtoken
2020-11-21 19:21:41 +01:00
parent c1eb7d87c5
commit 2dc4636296
9 changed files with 116 additions and 47 deletions


@@ -19,6 +19,7 @@ const {
validateRefreshToken,
} = require("../services/services.js");
const { resetPassword } = require("../services/mailServices.js");
const cookie = require("cookie");
var router = express.Router();
@@ -32,18 +33,25 @@ router.post("/login", async (req, res) => {
await checkPassword(req.body.password, user.password);
const safeUser = await prepareSafeUser(user);
var token = generateAuthToken(safeUser);
var refreshToken = generateRefreshToken(user._id);
res.header("x-auth-token", token).header("ref", refreshToken).status(202).send(safeUser);
var refreshToken = generateRefreshToken(user);
res.header("x-auth-token", token)
.header("Set-Cookie", cookie.serialize("refreshToken", refreshToken, { httpOnly: true }))
.status(202).send(safeUser);
} catch (error) {
handleError(error, res);
}
});
//REFRESH_TOKEN
router.post("refreshtoken", async (req, res) => {
router.post("/refreshtoken", async (req, res) => {
try {
const refreshToken = req.headers["ref"];
validateRefreshToken(refreshToken);
const cookies = cookie.parse(req.headers.cookie);
const user = validateRefreshToken(cookies.refreshToken);
const newAccessToken = generateAuthToken(user);
const newRefreshToken = generateRefreshToken(user);
res.header("x-auth-token", newAccessToken)
.header("Set-Cookie", cookie.serialize("refreshToken", newRefreshToken, { httpOnly: true }))
.status(202).send("Auth token refreshed.");
} catch (error) {
handleError(error, res);
}