feat: start using refresh tokens and better session handler

2026-04-18 11:49:19 +00:00 · 2020-09-29 20:30:02 -03:00
parent 3a777dec39
commit c8b4b5bdfe
16 changed files with 209 additions and 46 deletions
--- a/backend/src/services/AuthServices/RefreshTokenService.ts
+++ b/backend/src/services/AuthServices/RefreshTokenService.ts
@@ -0,0 +1,47 @@
+import { verify } from "jsonwebtoken";
+import AppError from "../../errors/AppError";
+import ShowUserService from "../UserServices/ShowUserService";
+import authConfig from "../../config/auth";
+import {
+  createAccessToken,
+  createRefreshToken
+} from "../../helpers/CreateTokens";
+
+interface RefreshTokenPayload {
+  id: string;
+  tokenVersion: number;
+}
+
+interface Response {
+  newToken: string;
+  refreshToken: string;
+}
+
+export const RefreshTokenService = async (token: string): Promise<Response> => {
+  let decoded;
+
+  console.log(token);
+
+  try {
+    decoded = verify(token, authConfig.refreshSecret);
+  } catch (err) {
+    throw new AppError("Session expire. Please login.", 401);
+  }
+
+  const { id, tokenVersion } = decoded as RefreshTokenPayload;
+
+  const user = await ShowUserService(id);
+
+  if (!user) {
+    throw new AppError("No user found with this ID.", 401);
+  }
+
+  if (user.tokenVersion !== tokenVersion) {
+    throw new AppError("Session revoked. Please login.", 401);
+  }
+
+  const newToken = createAccessToken(user);
+  const refreshToken = createRefreshToken(user);
+
+  return { newToken, refreshToken };
+};
--- a/backend/src/services/UserServices/AuthUserSerice.ts
+++ b/backend/src/services/UserServices/AuthUserSerice.ts
@@ -1,8 +1,9 @@
-import { sign } from "jsonwebtoken";
-
 import User from "../../models/User";
 import AppError from "../../errors/AppError";
-import authConfig from "../../config/auth";
+import {
+  createAccessToken,
+  createRefreshToken
+} from "../../helpers/CreateTokens";

 interface Request {
  email: string;
@@ -12,6 +13,7 @@ interface Request {
 interface Response {
  user: User;
  token: string;
+  refreshToken: string;
 }

 const AuthUserService = async ({
@@ -30,18 +32,13 @@ const AuthUserService = async ({
    throw new AppError("Incorrect user/password combination.", 401);
  }

-  const { secret, expiresIn } = authConfig;
-  const token = sign(
-    { usarname: user.name, profile: user.profile, id: user.id },
-    secret,
-    {
-      expiresIn
-    }
-  );
+  const token = createAccessToken(user);
+  const refreshToken = createRefreshToken(user);

  return {
    user,
-    token
+    token,
+    refreshToken
  };
 };

--- a/backend/src/services/UserServices/ShowUserService.ts
+++ b/backend/src/services/UserServices/ShowUserService.ts
@@ -5,7 +5,7 @@ const ShowUserService = async (
  id: string | number
 ): Promise<User | undefined> => {
  const user = await User.findByPk(id, {
-    attributes: ["name", "id", "email", "profile"]
+    attributes: ["name", "id", "email", "profile", "tokenVersion"]
  });

  if (!user) {