add token generate methods and update /refresh endpoint and middleware

sef-global · Sep 16, 2024 · 4d9f2fe · 4d9f2fe
1 parent d4e195d
commit 4d9f2fe
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 13 deletions.
diff --git a/src/controllers/auth.controller.ts b/src/controllers/auth.controller.ts
@@ -10,7 +10,7 @@ import {
   resetPassword
 } from '../services/auth.service'
 import type { ApiResponse } from '../types'
-import { signAndSetCookie } from '../utils'
+import { setAccessToken, signAndSetCookie } from '../utils'
 
 export const googleRedirect = async (
   req: Request,
@@ -169,23 +169,19 @@ export const requireAuth = (
 
       if (!token && !refreshToken) {
         return res
-          .status(401)
-          .json({ error: 'Access Denied. No token provided.' })
+          .status(403)
+          .json({ error: 'Forbidden. No token provided.' })
       }
 
       try {
         jwt.verify(token, JWT_SECRET)
-      } catch (err) {
-        if (!refreshToken) {
-          return res.status(401).send('Access Denied. Please Login again.')
-        }
-
+      } catch (err) {    
         try {
           const decoded = jwt.verify(refreshToken, REFRESH_JWT_SECRET) as {
             userId: string
           }
 
-          signAndSetCookie(res, decoded.userId)
+          setAccessToken(res, decoded.userId)
         } catch (error) {
           return res
             .status(401)
@@ -260,7 +256,7 @@ export const refresh = async (req: Request, res: Response): Promise<void> => {
       userId: string
     }
 
-    signAndSetCookie(res, decoded.userId)
+    setAccessToken(res, decoded.userId)
   } catch (error) {
     res.status(401).json({ error: 'Invalid token, please log in again' })
   }

diff --git a/src/utils.ts b/src/utils.ts
@@ -11,11 +11,19 @@ import type Mentor from './entities/mentor.entity'
 import { MenteeApplicationStatus, MentorApplicationStatus } from './enums'
 import { generateCertificate } from './services/admin/generateCertificate'
 
-export const signAndSetCookie = (res: Response, uuid: string): void => {
-  const accessToken = jwt.sign({ userId: uuid }, JWT_SECRET ?? '')
-  const refreshToken = jwt.sign({ userId: uuid }, REFRESH_JWT_SECRET ?? '', {
+const generateAccessToken = (uuid: string): string => {
+  return jwt.sign({ userId: uuid }, JWT_SECRET ?? '')
+}
+
+const generateRefreshToken = (uuid: string): string => {
+  return jwt.sign({ userId: uuid }, REFRESH_JWT_SECRET ?? '', {
     expiresIn: '10d'
   })
+}
+
+export const signAndSetCookie = (res: Response, uuid: string): void => {
+  const accessToken = generateAccessToken(uuid)
+  const refreshToken = generateRefreshToken(uuid)
 
   res.cookie('accessToken', accessToken, {
     httpOnly: true,
@@ -30,6 +38,16 @@ export const signAndSetCookie = (res: Response, uuid: string): void => {
   })
 }
 
+export const setAccessToken = (res: Response, uuid: string): void => {
+  const accessToken =  generateAccessToken(uuid)
+
+  res.cookie('accessToken', accessToken, {
+    httpOnly: true,
+    maxAge: 5 * 24 * 60 * 60 * 1000,
+    secure: false // TODO: Set to true when using HTTPS
+  })
+} 
+
 export const getMentorPublicData = (mentor: Mentor): Mentor => {
   const { application, profile } = mentor