krgamestudios/auth-server
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

BUGFIX: clear out old refresh tokens

Browse Source
This commit is contained in:
Kayne Ruse
2022-12-01 12:06:20 +00:00
parent 763efb75bf
commit cec30620ec
2 changed files with 23 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files
server/server.js
+11
View File
@@ -36,6 +36,17 @@ app.get('*', (req, res) => {
//startup //startup
server.listen(process.env.WEB_PORT || 3200, async (err) => { server.listen(process.env.WEB_PORT || 3200, async (err) => {
//BUGFIX: clear out old refresh tokens
const { Op } = require('sequelize');
const { tokens } = require('./database/models');
tokens.destroy({
where: {
createdAt: {
[Op.lt]: new Date(new Date().setDate(new Date().getDate() - 30))
}
}
});
await database.sync(); await database.sync();
console.log(`listening to localhost:${process.env.WEB_PORT || 3200}`); console.log(`listening to localhost:${process.env.WEB_PORT || 3200}`);
}); });
tools/react/token-provider.jsx
+12
View File
@@ -9,6 +9,12 @@ const TokenProvider = props => {
//state to be used //state to be used
const [accessToken, setAccessToken] = useState(''); const [accessToken, setAccessToken] = useState('');
//force a logout under certain conditions
const forceLogout = () => {
localStorage.removeItem("accessToken");
setAccessToken("");
};
//make the access token persist between reloads //make the access token persist between reloads
useEffect(() => { useEffect(() => {
setAccessToken(localStorage.getItem("accessToken") || ''); setAccessToken(localStorage.getItem("accessToken") || '');
@@ -47,6 +53,9 @@ const TokenProvider = props => {
//any errors, throw them //any errors, throw them
if (!response.ok) { if (!response.ok) {
if (response.status == 403) {
forceLogout();
}
throw `${response.status}: ${await response.text()}`; throw `${response.status}: ${await response.text()}`;
} }
@@ -82,6 +91,9 @@ const TokenProvider = props => {
//any errors, throw them //any errors, throw them
if (!response.ok) { if (!response.ok) {
if (response.status == 403) {
forceLogout();
}
throw `${response.status}: ${await response.text()}`; throw `${response.status}: ${await response.text()}`;
} }