diff --git a/api/src/controllers/auth.ts b/api/src/controllers/auth.ts index 778e3bf..8d01d7b 100644 --- a/api/src/controllers/auth.ts +++ b/api/src/controllers/auth.ts @@ -4,6 +4,7 @@ import { InfoJWT } from '../types' import { generateAccessToken, generateRefreshToken, + getTokensFromDB, removeTokensInDB, saveTokensInDB } from '../utils' @@ -73,6 +74,15 @@ const token = async (data: any): Promise => { AuthController.deleteCode(userInfo.userId, clientId) + // // get tokens from DB + const existingTokens = await getTokensFromDB(userInfo.userId, clientId) + if (existingTokens) { + return { + accessToken: existingTokens.accessToken, + refreshToken: existingTokens.refreshToken + } + } + const accessToken = generateAccessToken(userInfo) const refreshToken = generateRefreshToken(userInfo) diff --git a/api/src/routes/api/auth.ts b/api/src/routes/api/auth.ts index 34a45df..f031df9 100644 --- a/api/src/routes/api/auth.ts +++ b/api/src/routes/api/auth.ts @@ -7,7 +7,7 @@ import { authenticateRefreshToken } from '../../middlewares' -import { authorizeValidation, tokenValidation } from '../../utils' +import { tokenValidation } from '../../utils' import { InfoJWT } from '../../types' const authRouter = express.Router() diff --git a/api/src/utils/getTokensFromDB.ts b/api/src/utils/getTokensFromDB.ts new file mode 100644 index 0000000..68a47e6 --- /dev/null +++ b/api/src/utils/getTokensFromDB.ts 
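Review bot: In `token` (api/src/controllers/auth.ts, second hunk) the early return hands back the stored access/refresh pair unchanged, so a new authorization-code exchange no longer rotates the refresh token and can return an access token that is close to expiry. If the reuse is meant to keep other sessions of the same client valid (inferred, the commit does not say), state that in place of the doubled `// //` marker, e.g. `// Reuse the stored pair so other sessions of this client stay valid; tokens are not rotated here`, and consider regenerating when the remaining lifetime is short. The body of `token` starts and ends outside the hunk, so how it handles a rejected lookup is not visible here.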
@@ -0,0 +1,40 @@
+import jwt from 'jsonwebtoken'
+import User from '../model/User'
+
+export const getTokensFromDB = async (userId: number, clientId: string) => {
+ const user = await User.findOne({ id: userId })
+ if (!user) return
+
+ const currentTokenObj = user.tokens.find(
+ (tokenObj: any) => tokenObj.clientId === clientId
+ )
+
+ if (currentTokenObj) {
+ const accessToken = currentTokenObj.accessToken
+ const refreshToken = currentTokenObj.refreshToken
+
+ const verifiedAccessToken: any = jwt.verify(
+ accessToken,
+ process.secrets.ACCESS_TOKEN_SECRET
+ )
+
+ const verifiedRefreshToken: any = jwt.verify(
+ refreshToken,
+ process.secrets.REFRESH_TOKEN_SECRET
+ )
+
+ if (
+ verifiedAccessToken?.userId !== userId ||
+ verifiedAccessToken?.clientId !== clientId
+ )
+ return
+
+ if (
+ verifiedRefreshToken?.userId !== userId ||
+ verifiedRefreshToken?.clientId !== clientId
+ )
+ return
+
+ return { accessToken, refreshToken }
+ }
+}
diff --git a/api/src/utils/index.ts b/api/src/utils/index.ts
index 32b5b79..7baf1e2 100644
--- a/api/src/utils/index.ts
+++ b/api/src/utils/index.ts
@@ -14,6 +14,7 @@ export * from './getDesktopFields'
 export * from './getPreProgramVariables'
 export * from './getRunTimeAndFilePath'
 export * from './getServerUrl'
+export * from './getTokensFromDB'
 export * from './instantiateLogger'
 export * from './isDebugOn'
 export * from './isPublicRoute'
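Review bot: Both `jwt.verify` calls in `getTokensFromDB` throw when the stored token is expired or fails signature validation, and nothing in this file catches that, so the function rejects instead of returning `undefined`. The caller in controllers/auth.ts has already run `AuthController.deleteCode(...)` by that point, which suggests a user whose stored access token has expired would lose the authorization code and receive no tokens. Wrapping the two verifications as `try { … } catch (err) { return }` lets the caller fall through to `generateAccessToken`/`generateRefreshToken`. A short doc comment stating that the pair is returned only when both tokens verify and their `userId` and `clientId` match the arguments would also help the next reader.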