jwt refresh token
/** @description for module commonjs */ // JWT MIDDLEWARE const jwt = require('jsonwebtoken') const { message } = require('../utils/util.message') module.exports = (req, res, next) => { try { const tokenHeader = req.headers.authorization.split('Bearer ')[1] const decoded = jwt.verify(tokenHeader, process.env.ACCESS_TOKEN_SECRET) req.user = decoded next() } catch (err) { next(httpError(401)) } } // ROUTE LOGIN app.get('/protect', authJwt, (req, res) => { console.log(req.user) res.send('aim in proteced route') }) app.post('/login', (req, res) => { const bodyPayload = { id: Date.now(), username: req.body.username } const token = signAccessToken(res, bodyPayload) return res.status(200).json(token) }) app.post('/refresh-token', (req, res) => { const refreshToken = signRefreshToken(req) return res.status(200).json(refreshToken) }) // JWT HELPER const jwt = require('jsonwebtoken') const { message } = require('../utils/util.message') exports.signAccessToken = (res, payload) => { try { if (payload) { const accessToken = jwt.sign({ ...payload }, process.env.ACCESS_TOKEN_SECRET, { expiresIn: '1d' }) const refreshToken = jwt.sign({ ...payload }, process.env.REFRESH_TOKEN_SECRET, { expiresIn: '90d' }) res.cookie('refreshToken', `${refreshToken}`, { maxAge: 86400 * 90, httpOnly: true }) return { accessToken, refreshToken } } } catch (err) { message({ response: res, statusCode: 401, method: req.method, message: 'Unautorization' }) } } exports.signRefreshToken = (req) => { try { const getToken = req.cookies.refreshToken if (getToken) { const { id, username } = jwt.verify(getToken, process.env.REFRESH_TOKEN_SECRET) const accesssToken = jwt.sign({ id, username }, process.env.ACCESS_TOKEN_SECRET, { expiresIn: '90d' }) return { accesssToken } } } catch (err) { message({ response: res, statusCode: 401, method: req.method, message: 'Unautorization' }) } }