feat: start using refresh tokens and better session handler

2026-04-18 11:49:19 +00:00 · 2020-09-29 20:30:02 -03:00
parent 3a777dec39
commit c8b4b5bdfe
16 changed files with 209 additions and 46 deletions
--- a/backend/src/controllers/SessionController.ts
+++ b/backend/src/controllers/SessionController.ts
@@ -1,11 +1,19 @@
 import { Request, Response } from "express";
+import AppError from "../errors/AppError";

 import AuthUserService from "../services/UserServices/AuthUserSerice";
+import { SendRefreshToken } from "../helpers/SendRefreshToken";
+import { RefreshTokenService } from "../services/AuthServices/RefreshTokenService";

 export const store = async (req: Request, res: Response): Promise<Response> => {
  const { email, password } = req.body;

-  const { token, user } = await AuthUserService({ email, password });
+  const { token, user, refreshToken } = await AuthUserService({
+    email,
+    password
+  });
+
+  SendRefreshToken(res, refreshToken);

  return res.status(200).json({
    token,
@@ -14,3 +22,20 @@ export const store = async (req: Request, res: Response): Promise<Response> => {
    userId: user.id
  });
 };
+
+export const update = async (
+  req: Request,
+  res: Response
+): Promise<Response> => {
+  const token: string = req.cookies.jrt;
+
+  if (!token) {
+    throw new AppError("Invalid session. Please login.", 401);
+  }
+
+  const { newToken, refreshToken } = await RefreshTokenService(token);
+
+  SendRefreshToken(res, refreshToken);
+
+  return res.json({ token: newToken });
+};