Compare commits
3 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
 Kayne Ruse
|
3c790f51c7 | ||
|
Kayne Ruse
|
44e19154ab | ||
|
Kayne Ruse
|
fd0c40d444 |
+1
-1
@@ -1,7 +1,7 @@
|
||||
|
||||
FROM node:18-bullseye-slim
|
||||
WORKDIR "/app"
|
||||
COPY package*.json ./
|
||||
COPY package*.json /app
|
||||
RUN npm install --production
|
||||
COPY . /app
|
||||
EXPOSE 3200
|
||||
|
||||
Generated
+2
-2
@@ -1,12 +1,12 @@
|
||||
{
|
||||
"name": "auth-server",
|
||||
"version": "1.7.8",
|
||||
"version": "1.7.10",
|
||||
"lockfileVersion": 3,
|
||||
"requires": true,
|
||||
"packages": {
|
||||
"": {
|
||||
"name": "auth-server",
|
||||
"version": "1.7.8",
|
||||
"version": "1.7.10",
|
||||
"license": "ISC",
|
||||
"dependencies": {
|
||||
"bcryptjs": "^2.4.3",
|
||||
|
||||
+1
-1
@@ -1,6 +1,6 @@
|
||||
{
|
||||
"name": "auth-server",
|
||||
"version": "1.7.9",
|
||||
"version": "1.7.11",
|
||||
"description": "An API centric auth server. Uses Sequelize and mariaDB by default.",
|
||||
"main": "server/server.js",
|
||||
"scripts": {
|
||||
|
||||
@@ -49,7 +49,7 @@ const route = async (req, res) => {
|
||||
}
|
||||
|
||||
//generate the JWTs
|
||||
const { accessToken, refreshToken } = tokenGenerateRefresh(account.index, account.email, account.username, account.type, account.admin, account.mod);
|
||||
const { accessToken, refreshToken } = await tokenGenerateRefresh(account.index, account.email, account.username, account.type, account.admin, account.mod);
|
||||
|
||||
//set the cookie
|
||||
res.cookie('refreshToken', refreshToken, { path: '/', httpOnly: true, secure: true, sameSite: 'none', maxAge: 60 * 60 * 24 * 30 * 1000 }); //30 days
|
||||
|
||||
@@ -1,10 +1,8 @@
|
||||
const jwt = require('jsonwebtoken');
|
||||
|
||||
const tokenRefresh = require('../utilities/token-refresh');
|
||||
|
||||
//auth/token
|
||||
module.exports = async (req, res) => {
|
||||
return tokenRefresh(req.cookies.refreshToken || '', (err, accessToken, refreshToken) => {
|
||||
return await tokenRefresh(req.cookies.refreshToken || '', (err, accessToken, refreshToken) => {
|
||||
if (err) {
|
||||
return res.status(err).end();
|
||||
}
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
const { tokens } = require('../database/models');
|
||||
|
||||
module.exports = (refreshToken) => {
|
||||
tokens.destroy({
|
||||
module.exports = async (refreshToken) => {
|
||||
await tokens.destroy({
|
||||
where: {
|
||||
token: refreshToken || ''
|
||||
}
|
||||
|
||||
@@ -2,7 +2,7 @@ const jwt = require('jsonwebtoken');
|
||||
const { tokens } = require('../database/models');
|
||||
|
||||
//generates a JWT token based on the given arguments
|
||||
module.exports = (index, email, username, type, admin, mod) => {
|
||||
module.exports = async (index, email, username, type, admin, mod) => {
|
||||
const content = {
|
||||
index,
|
||||
email,
|
||||
@@ -16,7 +16,7 @@ module.exports = (index, email, username, type, admin, mod) => {
|
||||
const accessToken = jwt.sign(content, process.env.SECRET_ACCESS, { expiresIn: '10m', issuer: 'auth' });
|
||||
const refreshToken = jwt.sign(content, process.env.SECRET_REFRESH, { expiresIn: '30d', issuer: 'auth' });
|
||||
|
||||
tokens.create({ token: refreshToken, email: email });
|
||||
await tokens.create({ token: refreshToken, email: email });
|
||||
|
||||
return { accessToken, refreshToken };
|
||||
};
|
||||
@@ -19,15 +19,15 @@ module.exports = async (oldRefreshToken, callback) => {
|
||||
return callback(403);
|
||||
}
|
||||
|
||||
jwt.verify(oldRefreshToken, process.env.SECRET_REFRESH, (err, user) => {
|
||||
jwt.verify(oldRefreshToken, process.env.SECRET_REFRESH, async (err, user) => {
|
||||
if (err) {
|
||||
return callback(403);
|
||||
}
|
||||
|
||||
const { accessToken, refreshToken } = generate(user.index, user.email, user.username, user.type, user.admin, user.mod);
|
||||
await destroy(oldRefreshToken);
|
||||
|
||||
destroy(oldRefreshToken);
|
||||
const { accessToken, refreshToken } = await generate(user.index, user.email, user.username, user.type, user.admin, user.mod);
|
||||
|
||||
return callback(null, accessToken, refreshToken);
|
||||
return await callback(null, accessToken, refreshToken);
|
||||
});
|
||||
};
|
||||
@@ -31,7 +31,7 @@ const TokenProvider = props => {
|
||||
let bearer = accessToken;
|
||||
|
||||
//if expired (10 minutes, normally)
|
||||
const expired = new Date(decode(accessToken).exp + 600) < Date.now();
|
||||
const expired = new Date(decode(accessToken).exp * 1000) < Date.now();
|
||||
|
||||
if (expired) {
|
||||
//BUGFIX: if logging out, just skip over the refresh token
|
||||
|
||||
Reference in New Issue
Block a user