'use strict';
const {Router} = require(`express`);
const jwt = require(`jsonwebtoken`);
const HttpStatus = require(`http-status-codes`);
const storeService = require(`../services/store-service`);
const refreshTokenService = require(`../services/refresh-token-service`);
const authenticate = require(`../middlewares/authenticate`);
const authenticateJwt = require(`../middlewares/authenticate-jwt`);
const {makeTokens} = require(`../jwt-helper`);
const {JWT_REFRESH_SECRET} = require(`../constants`);
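const userRouter = new Router();

/**
 * POST /login: issues an access/refresh token pair.
 *
 * Runs after the `authenticate(storeService)` middleware and reads the user
 * from `res.locals.user` (presumably populated by that middleware; confirm
 * against ../middlewares/authenticate). The refresh token is stored via
 * `refreshTokenService.add` so that /refresh can later look it up.
 *
 * Responds with JSON `{accessToken, refreshToken}`. Any failure is forwarded
 * to the Express error handler.
 */
userRouter.post(`/login`, authenticate(storeService), async (req, res, next) => {
  try {
    const {id} = res.locals.user;
    const {accessToken, refreshToken} = makeTokens({id});

    // Persist before responding: a refresh token that is not in the store
    // is rejected by /refresh, so the client must never receive one that
    // failed to save.
    await refreshTokenService.add(refreshToken);

    res.json({accessToken, refreshToken});
  } catch (err) {
    // Express 4 does not catch rejections from async handlers; without this
    // a storage failure would leave the request hanging and surface as an
    // unhandled rejection.
    next(err);
  }
});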
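/**
 * POST /refresh: rotates a refresh token.
 *
 * Expects `{token}` in the request body. The token must be a non-empty
 * string, must be present in the refresh-token store, and must verify
 * against JWT_REFRESH_SECRET. On success the old token is dropped, a new
 * pair is stored and returned as JSON `{accessToken, refreshToken}`.
 *
 * Status codes: 400 for a missing or non-string token, 404 when the token
 * is not in the store, 403 when signature or expiry verification fails.
 * Unexpected errors are forwarded to the Express error handler.
 */
userRouter.post(`/refresh`, async (req, res, next) => {
  try {
    const {token} = req.body || {};

    // The body is client-controlled: a JSON object or array here would be
    // passed straight into the store lookup. Accept strings only.
    // (How refreshTokenService.find queries the store is not visible here.)
    if (typeof token !== `string` || token.length === 0) {
      return res.sendStatus(HttpStatus.BAD_REQUEST);
    }

    const existToken = await refreshTokenService.find(token);
    if (!existToken) {
      return res.sendStatus(HttpStatus.NOT_FOUND);
    }

    let userData;
    try {
      // Synchronous form: throws on a bad signature, malformed or expired token.
      // NOTE(review): consider pinning the `algorithms` option to the one
      // makeTokens signs with; that algorithm is not visible in this file.
      userData = jwt.verify(token, JWT_REFRESH_SECRET);
    } catch (err) {
      return res.sendStatus(HttpStatus.FORBIDDEN);
    }

    const {id} = userData;
    const {accessToken, refreshToken} = makeTokens({id});

    // Drop before add: if storing the new token fails, the old one is
    // already revoked, so a failure never leaves two live refresh tokens.
    await refreshTokenService.drop(existToken);
    await refreshTokenService.add(refreshToken);

    res.json({accessToken, refreshToken});
  } catch (err) {
    // Store failures previously rejected inside an un-awaited async callback
    // and were never reported to Express; forward them explicitly.
    next(err);
  }
});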
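/**
 * DELETE /logout: revokes the refresh token supplied in the request body.
 *
 * Runs after the `authenticateJwt` middleware. Expects `{token}` in the
 * body; responds 400 when it is missing or not a string (matching
 * /refresh), otherwise 204 once the token has been removed from the store.
 * Store errors are forwarded to the Express error handler.
 */
userRouter.delete(`/logout`, authenticateJwt, async (req, res, next) => {
  try {
    const {token} = req.body || {};

    // Without a token nothing can be revoked; answering 204 here would tell
    // the client it is logged out while its refresh token stays valid.
    if (typeof token !== `string` || token.length === 0) {
      return res.sendStatus(HttpStatus.BAD_REQUEST);
    }

    // NOTE(review): nothing here ties `token` to the caller authenticated by
    // authenticateJwt, so any authenticated caller can revoke any refresh
    // token it can present. What that middleware exposes is not visible
    // here; confirm whether an ownership check is wanted.
    // NOTE(review): /refresh passes the value returned by find() to drop(),
    // this route passes the raw token; confirm drop() accepts both.

    // Await the revocation so that 204 is only sent once the token is gone
    // and a store failure is reported instead of silently ignored.
    await refreshTokenService.drop(token);

    res.sendStatus(HttpStatus.NO_CONTENT);
  } catch (err) {
    next(err);
  }
});

module.exports = userRouter;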