Testing cookies

2022-07-25 15:55:58 +01:00
parent 76fdbc0d13
commit 678d55779d
12 changed files with 79 additions and 148 deletions
+4 -4
@@ -3,13 +3,13 @@ const jwt = require('jsonwebtoken');
//middleware to authenticate the JWT token
module.exports = (req, res, next) => {
const authHeader = req.headers['authorization'];
const token = authHeader?.split(' ')[1]; //'Bearer token'
const accessToken = authHeader?.split(' ')[1]; //'Bearer token'
if (!token) {
return res.status(401).send('No token found');
if (!accessToken) {
return res.status(401).send('No access token found');
}
return jwt.verify(token, process.env.SECRET_ACCESS, (err, user) => {
return jwt.verify(accessToken, process.env.SECRET_ACCESS, (err, user) => {
if (err) {
return res.status(403).send(err);
}
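Review bot: The `jwt.verify` call on the renamed `accessToken` line passes no options, so neither the signing algorithm nor the `issuer: 'auth'` claim that the token generator sets is checked here. Pinning both narrows what the middleware accepts: `jwt.verify(accessToken, process.env.SECRET_ACCESS, { algorithms: ['HS256'], issuer: 'auth' }, (err, user) => {` (HS256 assumes the signer keeps the library default, as the `jwt.sign` calls on this page appear to). The error branch also sends the raw `err` object to the client; a fixed message such as `res.status(403).send('Invalid access token')` keeps verifier details out of the response. The verify callback continues past the end of this hunk.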
+2 -2
@@ -1,9 +1,9 @@
const { tokens } = require('../database/models');
module.exports = (token) => {
module.exports = (refreshToken) => {
tokens.destroy({
where: {
token: token || ''
token: refreshToken || ''
}
});
}
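Review bot: `tokens.destroy(...)` is neither returned nor awaited, so a caller cannot tell whether the refresh token was actually revoked, and a failed delete surfaces only as an unhandled rejection. Returning the promise lets callers wait for the result and act on it: `return tokens.destroy({ where: { token: refreshToken || '' } });`. A one-line comment on the `|| ''` fallback (presumably there to keep an undefined value out of the `where` clause) would make the intent clear.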
@@ -13,7 +13,7 @@ module.exports = (index, email, username, type, admin, mod) => {
};
//these are strings
const accessToken = jwt.sign(content, process.env.SECRET_ACCESS, { expiresIn: '10m', issuer: 'auth' });
const accessToken = jwt.sign(content, process.env.SECRET_ACCESS, { expiresIn: '1s', issuer: 'auth' });
const refreshToken = jwt.sign(content, process.env.SECRET_REFRESH, { expiresIn: '30d', issuer: 'auth' });
tokens.create({ token: refreshToken, email: email });
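Review bot: `expiresIn: '1s'` on the access token looks like a value left in from testing. With it every access token expires almost as soon as it is issued, so each request falls through to the refresh path, and a small clock difference between hosts can reject a fresh token outright. Restore `expiresIn: '10m'` or read the lifetime from configuration before this lands. Separately, `tokens.create(...)` on the last line is not awaited, so the refresh token may be handed out before its row exists; the function continues outside this hunk, so this is worth confirming there.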
+8 -8
@@ -1,17 +1,17 @@
const jwt = require('jsonwebtoken');
const { tokens } = require('../database/models');
const generate = require('./token-generate');
const generate = require('./token-generate-refresh');
const destroy = require('./token-destroy');
module.exports = async (token, callback) => {
if (!token) {
module.exports = async (oldRefreshToken, callback) => {
if (!oldRefreshToken) {
return callback(401);
}
const tokenRecord = await tokens.findOne({
where: {
token: token || ''
token: oldRefreshToken || ''
}
});
@@ -19,15 +19,15 @@ module.exports = async (token, callback) => {
return callback(403);
}
jwt.verify(token, process.env.SECRET_REFRESH, (err, user) => {
jwt.verify(oldRefreshToken, process.env.SECRET_REFRESH, (err, user) => {
if (err) {
return callback(403);
}
const result = generate(user.index, user.email, user.username, user.type, user.admin, user.mod);
const { accessToken, refreshToken } = generate(user.index, user.email, user.username, user.type, user.admin, user.mod);
destroy(token);
destroy(oldRefreshToken);
return callback(null, result);
return callback(null, accessToken, refreshToken);
});
};
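Review bot: `destroy(oldRefreshToken)` in the second hunk runs after `generate(...)` and is fire-and-forget, so the new pair is passed to `callback` before the old refresh token is known to be revoked. Two requests carrying the same refresh token can both pass `findOne` and each receive a fresh pair, which defeats rotation as a replay control. Revoking first and issuing only when a row was removed closes that window: `const removed = await destroy(oldRefreshToken); if (!removed) return callback(403);` placed before the `generate` call. That needs the verify callback to be `async` with its own error handling, and `./token-destroy` to return the promise from `tokens.destroy`. The `jwt.verify` call here would also benefit from explicit `algorithms` and `issuer` options.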