fix: return same tokens if not expired

2025-12-10 19:34:34 +00:00 · 2022-09-21 22:12:03 +05:00
parent a810f6c7cf
commit 330c020933
4 changed files with 52 additions and 1 deletions
--- a/api/src/controllers/auth.ts
+++ b/api/src/controllers/auth.ts
@@ -4,6 +4,7 @@ import { InfoJWT } from '../types'
 import {
  generateAccessToken,
  generateRefreshToken,
+  getTokensFromDB,
  removeTokensInDB,
  saveTokensInDB
 } from '../utils'
@@ -73,6 +74,15 @@ const token = async (data: any): Promise<TokenResponse> => {

  AuthController.deleteCode(userInfo.userId, clientId)

+  // // get tokens from DB
+  const existingTokens = await getTokensFromDB(userInfo.userId, clientId)
+  if (existingTokens) {
+    return {
+      accessToken: existingTokens.accessToken,
+      refreshToken: existingTokens.refreshToken
+    }
+  }
+
  const accessToken = generateAccessToken(userInfo)
  const refreshToken = generateRefreshToken(userInfo)

--- a/api/src/routes/api/auth.ts
+++ b/api/src/routes/api/auth.ts
@@ -7,7 +7,7 @@ import {
  authenticateRefreshToken
 } from '../../middlewares'

-import { authorizeValidation, tokenValidation } from '../../utils'
+import { tokenValidation } from '../../utils'
 import { InfoJWT } from '../../types'

 const authRouter = express.Router()
--- a/api/src/utils/getTokensFromDB.ts
+++ b/api/src/utils/getTokensFromDB.ts
@@ -0,0 +1,40 @@
+import jwt from 'jsonwebtoken'
+import User from '../model/User'
+
+export const getTokensFromDB = async (userId: number, clientId: string) => {
+  const user = await User.findOne({ id: userId })
+  if (!user) return
+
+  const currentTokenObj = user.tokens.find(
+    (tokenObj: any) => tokenObj.clientId === clientId
+  )
+
+  if (currentTokenObj) {
+    const accessToken = currentTokenObj.accessToken
+    const refreshToken = currentTokenObj.refreshToken
+
+    const verifiedAccessToken: any = jwt.verify(
+      accessToken,
+      process.secrets.ACCESS_TOKEN_SECRET
+    )
+
+    const verifiedRefreshToken: any = jwt.verify(
+      refreshToken,
+      process.secrets.REFRESH_TOKEN_SECRET
+    )
+
+    if (
+      verifiedAccessToken?.userId !== userId ||
+      verifiedAccessToken?.clientId !== clientId
+    )
+      return
+
+    if (
+      verifiedRefreshToken?.userId !== userId ||
+      verifiedRefreshToken?.clientId !== clientId
+    )
+      return
+
+    return { accessToken, refreshToken }
+  }
+}
--- a/api/src/utils/index.ts
+++ b/api/src/utils/index.ts
@@ -14,6 +14,7 @@ export * from './getDesktopFields'
 export * from './getPreProgramVariables'
 export * from './getRunTimeAndFilePath'
 export * from './getServerUrl'
+export * from './getTokensFromDB'
 export * from './instantiateLogger'
 export * from './isDebugOn'
 export * from './isPublicRoute'