From 095efb7965af2a66575e388bfaec5d7b23032f63 Mon Sep 17 00:00:00 2001
From: chin
Date: Fri, 14 Jan 2022 17:11:33 +0800
Subject: [PATCH] feat: refresh_token api 1. refresh token
---
 api/user/controller/postRefreshToken.js | 28 +++++++++++++++
 api/user/index.js | 10 +++++-
 api/user/service/refreshTokenService.js | 45 +++++++++++++++++++++++++
 3 files changed, 82 insertions(+), 1 deletion(-)
 create mode 100644 api/user/controller/postRefreshToken.js
 create mode 100644 api/user/service/refreshTokenService.js
diff --git a/api/user/controller/postRefreshToken.js b/api/user/controller/postRefreshToken.js
new file mode 100644
index 00000000..cb88d498
--- /dev/null
+++ b/api/user/controller/postRefreshToken.js
@@ -0,0 +1,28 @@
+
+const jwt = require('jsonwebtoken');
+const uuid = require('uuid');
+const UIDGenerator = require('uid-generator');
+const uidGenerator = new UIDGenerator(256);
+const mongodb = require('../../../models/mongodb');
+const refreshTokenService = require('../service/refreshTokenService');
+
+/**
+ * @param {import('express').Request} req
+ * @param {import('express').Response} res
+ */
+module.exports = async function (req , res) {
+ try {
+ let refreshToken = req.body.refresh_token;
+ let tokenObj = await refreshTokenService(refreshToken);
+ if (tokenObj.status) {
+ return res.status(tokenObj.code).send({
+ token: tokenObj.data.id,
+ refresh_token: tokenObj.data.refresh_token
+ });
+ }
+ return res.status(tokenObj.code).send(tokenObj.data);
+ } catch(err) {
+ console.error(err);
+ return res.status(500).json(err);
+ }
+}
\ No newline at end of file
diff --git a/api/user/index.js b/api/user/index.js
index 03033720..350bc456 100644
--- a/api/user/index.js
+++ b/api/user/index.js
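Review bot: In api/user/controller/postRefreshToken.js the `catch` branch's `res.status(500).json(err)` and the failure path's `send(tokenObj.data)` both hand internal error objects to the caller; the service added in this patch sets `data: e` on its 500 path, so driver or runtime error details may be serialized into the response. Log the error server-side and reply with a fixed body, e.g. `return res.status(500).json({ message: "Internal server error" });`. Because the success body carries credentials, calling `res.set("Cache-Control", "no-store")` before sending it is also worth adding. The `jwt`, `uuid`, `UIDGenerator`, `uidGenerator` and `mongodb` requires are unused in this file and can be dropped.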
@@ -52,7 +52,15 @@ router.get(
 router.delete(
 '/token/:_id' ,
 user.checkIsLoggedIn,
- require('./controller/deleteToken'))
+ require('./controller/deleteToken'));
+
+router.post(
+ '/token/refresh',
+ validateParams({
+ "refresh_token": Joi.string().required()
+ }, "body" , { allowUnknown: false }),
+ require("./controller/postRefreshToken")
+)
 module.exports = router;
diff --git a/api/user/service/refreshTokenService.js b/api/user/service/refreshTokenService.js
new file mode 100644
index 00000000..449dd4b6
--- /dev/null
+++ b/api/user/service/refreshTokenService.js
@@ -0,0 +1,45 @@
+const jwt = require('jsonwebtoken');
+const uuid = require('uuid');
+const UIDGenerator = require('uid-generator');
+const uidGenerator = new UIDGenerator(256);
+const mongodb = require('../../../models/mongodb');
+
+module.exports = async function (refresh_token,expiresIn='1y') {
+ try {
+ let hitTokenObj = await mongodb.issuedToken.findOne({
+ refresh_token: refresh_token
+ });
+ if (!hitTokenObj) {
+ return {
+ status: false,
+ code: 404,
+ data: "Not found with refresh token"
+ }
+ }
+ let decodedTokenObj = jwt.decode(hitTokenObj.token, { complete:true });
+ let id = await uidGenerator.generate();
+ let refresh_token = await uidGenerator.generate();
+ let token = jwt.sign(decodedTokenObj, process.env.JWT_SECRET_KEY , {expiresIn: expiresIn, algorithm: "HS256"});
+
+ let tokenObj = {
+ token: token,
+ id: `Bearer ${id}`,
+ refresh_token: refresh_token
+ }
+ await mongodb.issuedToken.findOneAndUpdate({
+ refresh_token: refresh_token
+ } , tokenObj);
+ return {
+ status : true,
+ code: 200,
+ data: tokenObj
+ };
+ } catch(e) {
+ console.error(e);
+ return {
+ status: false,
+ code : 500,
+ data: e
+ };
+ }
+}
\ No newline at end of file
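Review bot: The `/token/refresh` route in api/user/index.js is registered without `user.checkIsLoggedIn`, so the presented refresh token is the only credential, yet the schema `Joi.string().required()` puts no bound on its length or alphabet. Constraining it to what the generator emits, e.g. `"refresh_token": Joi.string().max(MAX_REFRESH_TOKEN_LENGTH).required()` (placeholder constant, not defined on this page), keeps oversized values away from the database lookup. No rate limiting is visible in this hunk; if none is applied where the router is mounted, it is worth adding for this endpoint. The new statement also ends with `)` and no semicolon, while this same commit adds the missing semicolon to the `router.delete` call above it.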
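Review bot: In api/user/service/refreshTokenService.js the `let refresh_token = await uidGenerator.generate();` inside the `try` block shadows the `refresh_token` parameter for the whole block, so the earlier `findOne({ refresh_token: refresh_token })` reads that binding in its temporal dead zone and throws a ReferenceError; as written every call lands in the `catch` and returns 500. Giving the new value its own name also fixes the `findOneAndUpdate` filter, which otherwise matches on the freshly generated token instead of the presented one and so never rotates the stored record. Separately, `jwt.decode(..., { complete: true })` checks no signature and returns `{ header, payload, signature }`, so the whole envelope is re-signed as claims; assuming stored tokens are signed with the same key, verifying the token and signing only its payload without `exp`/`iat`/`nbf` is safer. The `catch` should return a fixed message rather than `data: e`, since the controller forwards `data` to the client.

```javascript
module.exports = async function (refresh_token,expiresIn='1y') {
    // … unchanged: try, findOne lookup on the presented token, 404 branch …
        // Verify instead of decode; expiry is ignored because the access token may already have lapsed.
        const { exp, iat, nbf, ...claims } = jwt.verify(hitTokenObj.token, process.env.JWT_SECRET_KEY, {
            algorithms: ["HS256"],
            ignoreExpiration: true
        });
        let id = await uidGenerator.generate();
        let newRefreshToken = await uidGenerator.generate();
        let token = jwt.sign(claims, process.env.JWT_SECRET_KEY , {expiresIn: expiresIn, algorithm: "HS256"});

        let tokenObj = {
            token: token,
            id: `Bearer ${id}`,
            refresh_token: newRefreshToken
        }
        // The filter now sees the parameter, i.e. the token the client presented.
        await mongodb.issuedToken.findOneAndUpdate({
            refresh_token: refresh_token
        } , tokenObj);
    // … unchanged: 200 return …
    } catch(e) {
        console.error(e);
        return {
            status: false,
            code : 500,
            data: "Internal server error"
        };
    }
```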