lfk/backend
2
0
Fork 0
Code Issues 1 Pull Requests Actions Projects Releases 40 Activity

Now w/ working cookie based refresh

Browse Source 
ref #25
This commit is contained in:
Nicolai Ort 2020-12-12 19:25:40 +01:00
parent 615b54ec4f
commit aca3eaaeea
2 changed files with 11 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
src/controllers/AuthController.ts
View File

@ -1,4 +1,4 @@
import { Body, JsonController, Post, Res } from 'routing-controllers'; import { Body, CookieParam, JsonController, Post, Res } from 'routing-controllers';
import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi'; import { OpenAPI, ResponseSchema } from 'routing-controllers-openapi';
import { IllegalJWTError, InvalidCredentialsError, JwtNotProvidedError, PasswordNeededError, RefreshTokenCountInvalidError, UsernameOrEmailNeededError } from '../errors/AuthError'; import { IllegalJWTError, InvalidCredentialsError, JwtNotProvidedError, PasswordNeededError, RefreshTokenCountInvalidError, UsernameOrEmailNeededError } from '../errors/AuthError';
import { UserNotFoundError } from '../errors/UserErrors'; import { UserNotFoundError } from '../errors/UserErrors';
@ -58,13 +58,18 @@ export class AuthController {
@ResponseSchema(UserNotFoundError) @ResponseSchema(UserNotFoundError)
@ResponseSchema(RefreshTokenCountInvalidError) @ResponseSchema(RefreshTokenCountInvalidError)
@OpenAPI({ description: 'refresh a access token' }) @OpenAPI({ description: 'refresh a access token' })
async refresh(@Body({ validate: true }) refreshAuth: RefreshAuth) { async refresh(@CookieParam("lfk_backend__refresh_token") refresh_token: string, @Res() response: any, @Body({ validate: true }) refreshAuth: RefreshAuth) {
if (refresh_token && refresh_token.length != 0) {
refreshAuth.token = refresh_token;
}
let auth; let auth;
try { try {
auth = await refreshAuth.toAuth(); auth = await refreshAuth.toAuth();
response.cookie('lfk_backend__refresh_token', auth.refresh_token, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
response.cookie('lfk_backend__refresh_token_expires_at', auth.refresh_token_expires_at, { expires: new Date(auth.refresh_token_expires_at * 1000), httpOnly: true });
} catch (error) { } catch (error) {
return error; return error;
} }
return auth return response.send(auth)
} }
} }

5
src/models/actions/RefreshAuth.ts
View File

@ -1,4 +1,4 @@
import { IsString } from 'class-validator'; import { IsOptional, IsString } from 'class-validator';
import * as jsonwebtoken from 'jsonwebtoken'; import * as jsonwebtoken from 'jsonwebtoken';
import { getConnectionManager } from 'typeorm'; import { getConnectionManager } from 'typeorm';
import { config } from '../../config'; import { config } from '../../config';
@ -8,7 +8,8 @@ import { Auth } from '../responses/ResponseAuth';
export class RefreshAuth { export class RefreshAuth {
@IsString() @IsString()
token: string; @IsOptional()
token?: string;
public async toAuth(): Promise<Auth> { public async toAuth(): Promise<Auth> {
let newAuth: Auth = new Auth(); let newAuth: Auth = new Auth();