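// Expected header shape: "Authorization: Bearer <accessToken>, Bearer <refreshToken>".
// A missing or malformed header used to throw a TypeError here (an unhandled
// exception for the request); it now answers 403 like any other auth failure.
var authHeader = req.header('authorization') || ''
var authParts = authHeader.split(',')
// trim() makes the parse independent of whether a space follows the comma,
// which the original index-based split ([2] on the second part) relied on.
var accessToken = (authParts[0] || '').trim().split(' ')[1]
var refreshToken = (authParts[1] || '').trim().split(' ')[1]
// NOTE(review): `device` comes from the client-supplied User-Agent, so it
// identifies a device only as far as the client reports it truthfully.
var device = useragent.parse(req.headers['user-agent'])

if (!accessToken) {
  res.status(403).json({
    statusCode: 403,
    statusMessage: 'missing access token'
  })
} else {
  verifyTokens(device, accessToken, refreshToken, function (err, token) {
    if (err) {
      return res.status(403).json({
        statusCode: err.code,
        statusMessage: err.msg
      })
    }
    if (token) {
      console.log('sending new token')
      // NOTE(review): in Express, calling next() with a non-null argument
      // skips to the error-handling middleware instead of the next handler;
      // confirm that downstream code expects the new token to arrive this way.
      return next(token)
    }
    return next()
  })
}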
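/**
 * Verify the access token. If it is valid, signal "nothing to do"; if it has
 * merely expired, validate the refresh token stored for the same user/device
 * and mint a fresh access token; on any other failure report an error.
 *
 * Fixes relative to the previous version: the callback is now invoked exactly
 * once (the expired-token branch used to fall through to `callback(null, null)`
 * while the refresh lookup was still in flight, so the caller got both a
 * "valid" result and, later, a new token), and every error is an object with
 * `code`/`msg` (two paths used to pass the bare number 500, which the caller
 * turned into `statusCode: undefined`).
 *
 * @param {object} device       parsed user-agent; used as part of the refresh-token lookup key and embedded in the new claims
 * @param {string} accessToken
 * @param {string} refreshToken
 * @param {function(?{code: number, msg: string}, ?string)} callback
 *   (null, null)  access token is valid, nothing to do
 *   (null, token) access token had expired, `token` is the replacement
 *   (err, null)   verification failed
 */
function verifyTokens (device, accessToken, refreshToken, callback) {
  // Tokens are minted below with jwt.sign() and no explicit algorithm, i.e.
  // HS256 with the shared secret; pin verification to that algorithm so a
  // token carrying a different `alg` header is not accepted.
  var verifyOptions = { algorithms: ['HS256'] }
  jwt.verify(accessToken, process.env.JWT_SECRET, verifyOptions, function (err, verifiedToken) {
    if (!err) {
      return callback(null, null)
    }
    if (err.name !== 'TokenExpiredError') {
      return callback({code: 500, msg: 'error verifying token, not an expiration error'}, null)
    }
    // Re-read the expired token only to recover the user id. The signature is
    // still checked; only the `exp` claim is ignored.
    var expiredOptions = { algorithms: ['HS256'], ignoreExpiration: true }
    jwt.verify(accessToken, process.env.JWT_SECRET, expiredOptions, function (err, token) {
      if (err || !token) {
        return callback({code: 500, msg: 'could not read expired token'}, null)
      }
      var userId = token.claims && token.claims.id
      if (!userId) {
        return callback({code: 500, msg: 'token carries no user id'}, null)
      }
      // The refresh token is looked up and verified under the id taken from
      // the expired access token, so the two must belong to the same user.
      checkRefreshToken(device, userId, refreshToken, function (err, user) {
        if (err) {
          return callback({code: err.code, msg: err.msg}, null)
        }
        if (!user) {
          return callback({code: 500, msg: 'no user'}, null)
        }
        var claims = {
          id: user._id,
          access: user.flags,
          device: device
        }
        var newAccessToken = jwt.sign({claims: claims}, process.env.JWT_SECRET, {expiresIn: '1m'})
        return callback(null, newAccessToken)
      })
    })
  })
}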
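/**
 * Confirm that `refreshToken` verifies against the key stored for
 * (userId, device) and, if so, load the user it belongs to.
 *
 * Error messages handed to `callback` end up in the HTTP response body
 * (see the caller's `statusMessage: err.msg`), so database/driver error
 * text is logged here and never echoed to the client.
 *
 * @param {object} device        parsed user-agent object used in the lookup query
 * @param {string} userId        id recovered from the expired access token
 * @param {string} refreshToken
 * @param {function(?{code: number, msg: string}, ?object)} callback
 *   yields (null, user) on success, (err, null) otherwise
 */
function checkRefreshToken (device, userId, refreshToken, callback) {
  async.waterfall([
    function testRefreshToken (done) {
      RefreshToken.findOne({'userId': userId, 'device': device}, function (err, token) {
        if (err) {
          console.error('refresh token lookup failed', err)
          return done({code: 500, msg: 'error looking up refresh token'})
        }
        if (!token) {
          // No stored refresh token for this user/device: the client must log in again.
          return done({code: 500, msg: 'cant find refreshToken, pls login again'})
        }
        // Each stored record has its own signing key, so a token that verifies
        // here is bound to this user/device record.
        // NOTE(review): no `algorithms` option is passed because the code that
        // signs refresh tokens is not visible here; pin it once that is known.
        jwt.verify(refreshToken, token.key, function (err, rToken) {
          if (err) {
            return done({code: 500, msg: 'error verifying refresh token'})
          }
          if (!rToken) {
            return done({code: 500, msg: 'no rToken'})
          }
          return done(null)
        })
      })
    },
    function getUserDataForToken (done) {
      User.findById(userId, function (err, user) {
        if (err) {
          console.error('user lookup failed', err)
          return done({code: 500, msg: 'error getting user'}, null)
        }
        if (!user) {
          return done({code: 404, msg: 'no user'}, null)
        }
        return done(null, user)
      })
    }
  ], function (err, result) {
    if (err) {
      return callback({code: err.code, msg: err.msg}, null)
    }
    if (!result) {
      return callback({code: 500, msg: 'no userId'}, null)
    }
    return callback(null, result)
  })
}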