krgamestudios/MERN-template
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

No longer needs the refreshToken to logout

Browse Source
This commit is contained in:
Kayne Ruse
2021-08-15 00:54:28 +10:00
parent bb1590bae7
commit c766c43223
1 changed files with 19 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files
client/components/utilities/token-provider.jsx
+19 -15
View File
@@ -3,7 +3,10 @@ import decode from 'jwt-decode';
export const TokenContext = createContext(); export const TokenContext = createContext();
//DOCS: tokenFetch() and tokenCallback() are actually closures here
const TokenProvider = props => { const TokenProvider = props => {
//state to be used
const [accessToken, setAccessToken] = useState(''); const [accessToken, setAccessToken] = useState('');
const [refreshToken, setRefreshToken] = useState(''); const [refreshToken, setRefreshToken] = useState('');
@@ -13,6 +16,7 @@ const TokenProvider = props => {
setRefreshToken(localStorage.getItem("refreshToken") || ''); setRefreshToken(localStorage.getItem("refreshToken") || '');
}, []); }, []);
//update the stored copies
useEffect(() => { useEffect(() => {
localStorage.setItem("accessToken", accessToken); localStorage.setItem("accessToken", accessToken);
localStorage.setItem("refreshToken", refreshToken); localStorage.setItem("refreshToken", refreshToken);
@@ -27,6 +31,21 @@ const TokenProvider = props => {
const expired = new Date(decode(accessToken).exp * 1000) < Date.now(); const expired = new Date(decode(accessToken).exp * 1000) < Date.now();
if (expired) { if (expired) {
//BUGFIX: if logging out, just skip over the refresh token
if (url === `${process.env.AUTH_URI}/auth/logout`) {
return fetch(url, {
method: 'DELETE',
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*',
'Authorization': `Bearer ${bearer}`
},
body: JSON.stringify({
token: refreshToken
})
});
}
//ping the auth server for a new token //ping the auth server for a new token
const response = await fetch(`${process.env.AUTH_URI}/auth/token`, { const response = await fetch(`${process.env.AUTH_URI}/auth/token`, {
method: 'POST', method: 'POST',
@@ -50,21 +69,6 @@ const TokenProvider = props => {
setAccessToken(newAuth.accessToken); setAccessToken(newAuth.accessToken);
setRefreshToken(newAuth.refreshToken); setRefreshToken(newAuth.refreshToken);
bearer = newAuth.accessToken; bearer = newAuth.accessToken;
//BUGFIX: logging out correctly requires the new refresh token
if (url == `${process.env.AUTH_URI}/auth/logout`) {
return fetch(`${process.env.AUTH_URI}/auth/logout`, {
method: 'DELETE',
headers: {
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*',
'Authorization': `Bearer ${bearer}`
},
body: JSON.stringify({
token: newAuth.refreshToken
})
});
}
} }
//finally, delegate to fetch //finally, delegate to fetch