jwt refresh token

/**
@description for module commonjs
*/

// JWT MIDDLEWARE
const jwt = require('jsonwebtoken')
const { message } = require('../utils/util.message')
 
module.exports = (req, res, next) => {
  try {
    const tokenHeader = req.headers.authorization.split('Bearer ')[1]
    const decoded = jwt.verify(tokenHeader, process.env.ACCESS_TOKEN_SECRET)
    req.user = decoded
    next()
  } catch (err) {
    next(httpError(401))
  }
}
 
// ROUTE LOGIN
app.get('/protect', authJwt, (req, res) => {
  console.log(req.user)
  res.send('aim in proteced route')
})
 
app.post('/login', (req, res) => {
  const bodyPayload = {
    id: Date.now(),
    username: req.body.username
  }
  const token = signAccessToken(res, bodyPayload)
  return res.status(200).json(token)
})
 
app.post('/refresh-token', (req, res) => {
  const refreshToken = signRefreshToken(req)
  return res.status(200).json(refreshToken)
})
 
// JWT HELPER
const jwt = require('jsonwebtoken')
const { message } = require('../utils/util.message')
 
exports.signAccessToken = (res, payload) => {
  try {
    if (payload) {
      const accessToken = jwt.sign({ ...payload }, process.env.ACCESS_TOKEN_SECRET, { expiresIn: '1d' })
      const refreshToken = jwt.sign({ ...payload }, process.env.REFRESH_TOKEN_SECRET, { expiresIn: '90d' })
      res.cookie('refreshToken', `${refreshToken}`, { maxAge: 86400 * 90, httpOnly: true })
      return { accessToken, refreshToken }
    }
  } catch (err) {
    message({
      response: res,
      statusCode: 401,
      method: req.method,
      message: 'Unautorization'
    })
  }
}
 
exports.signRefreshToken = (req) => {
  try {
    const getToken = req.cookies.refreshToken
    if (getToken) {
      const { id, username } = jwt.verify(getToken, process.env.REFRESH_TOKEN_SECRET)
      const accesssToken = jwt.sign({ id, username }, process.env.ACCESS_TOKEN_SECRET, { expiresIn: '90d' })
      return { accesssToken }
    }
  } catch (err) {
    message({
      response: res,
      statusCode: 401,
      method: req.method,
      message: 'Unautorization'
		})
  }
}

Posted by: Guest on September-29-2020

/** @description for module esm, change userDTO with your DTO */ import { Request, Response } from 'express' import jwt, { Secret } from 'jsonwebtoken' import { Base64 } from 'js-base64' import { UsersDTO } from './../dto/users' import { message } from '../utils/util.message' const ACCESS_TOKEN_SECRET: Secret = process.env.ACCESS_TOKEN_SECRET const REFRESH_TOKEN_SECRET: Secret = process.env.REFRESH_TOKEN_SECRET export const signAccessToken = (res: Response, payload: UsersDTO): string | any => { try { if (payload) { const accessToken: string = jwt.sign({ ...payload }, ACCESS_TOKEN_SECRET, { expiresIn: '1d' }) const refreshToken: string = jwt.sign({ ...payload }, REFRESH_TOKEN_SECRET, { expiresIn: '90d' }) const encodedAccessToken: string = Base64.encode(accessToken) const encodedRefreshToken: string = Base64.encode(refreshToken) res.cookie('refreshToken', `${encodedRefreshToken}`, { maxAge: 86400 * 90, httpOnly: true }) return { accessToken: encodedAccessToken, refreshToken: encodedRefreshToken } } } catch (err) { return message({ response: res, statusCode: 401, method: req.method, message: 'Unautorization' }) } } export const signRefreshToken = () => (req: Request): string | any => { try { const getToken: string = req.cookies['refreshToken'] if (Base64.isValid(getToken) && getToken) { const decodedToken: string = Base64.decode(getToken) const { user_id, email }: string | any = jwt.verify(decodedToken, REFRESH_TOKEN_SECRET) const accessToken: string = jwt.sign({ user_id: user_id, email: email }, ACCESS_TOKEN_SECRET, { expiresIn: '90d' }) const encodedAccessToken: string = Base64.encode(accessToken) return encodedAccessToken } } catch (err) { message({ response: res, statusCode: 401, method: req.method, message: 'Unautorization' }) } }

import { Request, Response } from 'express' import jwt, { Secret, SignOptions } from 'jsonwebtoken' import { Base64 } from 'js-base64' import { UsersDTO } from '../dto/dto.users' const ACCESS_TOKEN_SECRET: Secret = process.env.ACCESS_TOKEN_SECRET const REFRESH_TOKEN_SECRET: Secret = process.env.REFRESH_TOKEN_SECRET export const signAccessToken = () => (res: Response, payload: UsersDTO, options: SignOptions): string | any => { if (!payload) { return null } else { const accessToken: string = jwt.sign({ ...payload }, ACCESS_TOKEN_SECRET, { ...options }) const refreshToken: string = jwt.sign({ ...payload }, REFRESH_TOKEN_SECRET, { expiresIn: '90d' }) const encodedAccessToken: string = Base64.encode(accessToken) const encodedRefreshToken: string = Base64.encode(refreshToken) res.cookie('refreshToken', `${encodedRefreshToken}`, { maxAge: 86400 * 90, httpOnly: true }) return { accessToken: encodedAccessToken, refreshToken: encodedRefreshToken } } } export const verifySignAccessToken = () => (token: string): string | any => { if (!Base64.isValid(token)) { return null } else { const decodedToken: string = Base64.decode(token) const decoded: string | any = jwt.verify(decodedToken, ACCESS_TOKEN_SECRET) return decoded } } export const signRefreshToken = () => (req: Request): string | any => { const getToken: string = req.cookies.refreshToken if (!Base64.isValid(getToken) && !getToken) { return null } else { const decodedToken: string = Base64.decode(getToken) const { user_id, email }: string | any = jwt.verify(decodedToken, REFRESH_TOKEN_SECRET) const accessToken: string = jwt.sign({ user_id: user_id, email: email }, ACCESS_TOKEN_SECRET, { expiresIn: '90d' }) const encodedAccessToken: string = Base64.encode(accessToken) return encodedAccessToken } }

Code answers related to "jwt refresh token"

Code answers related to "Javascript"

Javascript Answers by Framework

Browse Popular Code Answers by Language

Answers for "jwt refresh token"

Code answers related to "jwt refresh token"

Code answers related to "Javascript"

Javascript Answers by Framework

Browse Popular Code Answers by Language

Popular Programming Languages

Advertisements

Company

Compilers

Help

Connect with us