mirror of
https://github.com/sasjs/server.git
synced 2025-12-11 19:44:35 +00:00
fix: return same tokens if not expired
This commit is contained in:
@@ -4,6 +4,7 @@ import { InfoJWT } from '../types'
|
|||||||
import {
|
import {
|
||||||
generateAccessToken,
|
generateAccessToken,
|
||||||
generateRefreshToken,
|
generateRefreshToken,
|
||||||
|
getTokensFromDB,
|
||||||
removeTokensInDB,
|
removeTokensInDB,
|
||||||
saveTokensInDB
|
saveTokensInDB
|
||||||
} from '../utils'
|
} from '../utils'
|
||||||
@@ -73,6 +74,15 @@ const token = async (data: any): Promise<TokenResponse> => {
|
|||||||
|
|
||||||
AuthController.deleteCode(userInfo.userId, clientId)
|
AuthController.deleteCode(userInfo.userId, clientId)
|
||||||
|
|
||||||
|
// // get tokens from DB
|
||||||
|
const existingTokens = await getTokensFromDB(userInfo.userId, clientId)
|
||||||
|
if (existingTokens) {
|
||||||
|
return {
|
||||||
|
accessToken: existingTokens.accessToken,
|
||||||
|
refreshToken: existingTokens.refreshToken
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
const accessToken = generateAccessToken(userInfo)
|
const accessToken = generateAccessToken(userInfo)
|
||||||
const refreshToken = generateRefreshToken(userInfo)
|
const refreshToken = generateRefreshToken(userInfo)
|
||||||
|
|
||||||
|
|||||||
@@ -7,7 +7,7 @@ import {
|
|||||||
authenticateRefreshToken
|
authenticateRefreshToken
|
||||||
} from '../../middlewares'
|
} from '../../middlewares'
|
||||||
|
|
||||||
import { authorizeValidation, tokenValidation } from '../../utils'
|
import { tokenValidation } from '../../utils'
|
||||||
import { InfoJWT } from '../../types'
|
import { InfoJWT } from '../../types'
|
||||||
|
|
||||||
const authRouter = express.Router()
|
const authRouter = express.Router()
|
||||||
|
|||||||
40
api/src/utils/getTokensFromDB.ts
Normal file
40
api/src/utils/getTokensFromDB.ts
Normal file
@@ -0,0 +1,40 @@
|
|||||||
|
import jwt from 'jsonwebtoken'
|
||||||
|
import User from '../model/User'
|
||||||
|
|
||||||
|
export const getTokensFromDB = async (userId: number, clientId: string) => {
|
||||||
|
const user = await User.findOne({ id: userId })
|
||||||
|
if (!user) return
|
||||||
|
|
||||||
|
const currentTokenObj = user.tokens.find(
|
||||||
|
(tokenObj: any) => tokenObj.clientId === clientId
|
||||||
|
)
|
||||||
|
|
||||||
|
if (currentTokenObj) {
|
||||||
|
const accessToken = currentTokenObj.accessToken
|
||||||
|
const refreshToken = currentTokenObj.refreshToken
|
||||||
|
|
||||||
|
const verifiedAccessToken: any = jwt.verify(
|
||||||
|
accessToken,
|
||||||
|
process.secrets.ACCESS_TOKEN_SECRET
|
||||||
|
)
|
||||||
|
|
||||||
|
const verifiedRefreshToken: any = jwt.verify(
|
||||||
|
refreshToken,
|
||||||
|
process.secrets.REFRESH_TOKEN_SECRET
|
||||||
|
)
|
||||||
|
|
||||||
|
if (
|
||||||
|
verifiedAccessToken?.userId !== userId ||
|
||||||
|
verifiedAccessToken?.clientId !== clientId
|
||||||
|
)
|
||||||
|
return
|
||||||
|
|
||||||
|
if (
|
||||||
|
verifiedRefreshToken?.userId !== userId ||
|
||||||
|
verifiedRefreshToken?.clientId !== clientId
|
||||||
|
)
|
||||||
|
return
|
||||||
|
|
||||||
|
return { accessToken, refreshToken }
|
||||||
|
}
|
||||||
|
}
|
||||||
@@ -14,6 +14,7 @@ export * from './getDesktopFields'
|
|||||||
export * from './getPreProgramVariables'
|
export * from './getPreProgramVariables'
|
||||||
export * from './getRunTimeAndFilePath'
|
export * from './getRunTimeAndFilePath'
|
||||||
export * from './getServerUrl'
|
export * from './getServerUrl'
|
||||||
|
export * from './getTokensFromDB'
|
||||||
export * from './instantiateLogger'
|
export * from './instantiateLogger'
|
||||||
export * from './isDebugOn'
|
export * from './isDebugOn'
|
||||||
export * from './isPublicRoute'
|
export * from './isPublicRoute'
|
||||||
|
|||||||
Reference in New Issue
Block a user