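// Token-refresh middleware body. Express-style `req`, `res` and `next` are in
// scope from the enclosing handler, which is outside this listing.
//
// Header shape implied by the original split indices:
//   Authorization: Bearer <accessToken>, Refresh <refreshToken>
// The parsing is tolerant of surrounding whitespace. A missing or malformed
// header used to throw a TypeError out of the .split() chain and surface as an
// unhandled 500; it is now rejected explicitly.
// NOTE(review): the scheme words ("Bearer", "Refresh") are never checked –
// confirm what clients actually send before tightening this further.
var authHeader = req.header('authorization')
var headerParts = typeof authHeader === 'string' ? authHeader.split(',') : []
var accessToken = (headerParts[0] || '').trim().split(' ')[1]
var refreshToken = (headerParts[1] || '').trim().split(' ')[1]
if (!accessToken) {
  // No credentials presented at all → 401 (verification failures below keep
  // the existing 403 so current clients see no change there).
  res.status(401).json({
    statusCode: 401,
    statusMessage: 'missing or malformed authorization header'
  })
} else {
  var device = useragent.parse(req.headers['user-agent'])
  verifyTokens(device, accessToken, refreshToken, function (err, token) {
    if (err) {
      // verifyTokens reports either a {code, msg} object or, on one path, a
      // bare numeric status code; accept both.
      var code = typeof err === 'number' ? err : err.code
      return res.status(403).json({
        statusCode: code,
        statusMessage: err.msg
      })
    }
    if (token) {
      // A replacement access token was issued. Express treats any argument to
      // next() other than 'route'/'router' as an error and jumps straight to
      // the error handlers, so the original `next(token)` never reached the
      // route. Hand the token over via res.locals and continue the chain.
      // NOTE(review): downstream handlers must read res.locals.newAccessToken.
      res.locals.newAccessToken = token
      return next()
    }
    return next()
  })
}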
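/**
 * Verifies the access token and, when it has merely expired, tries to mint a
 * replacement using the caller's refresh token.
 *
 * The callback is invoked exactly once with one of:
 *   (null, null)           – access token still valid, nothing to do
 *   (null, newAccessToken) – access token expired, refresh succeeded
 *   ({code, msg}, null)    – verification or refresh failed
 *
 * Fixes over the original: the expired branch did not `return`, so the outer
 * callback fired a second time with (null, null) before the refresh finished;
 * and two paths reported a bare `500` instead of the {code, msg} shape the
 * caller reads.
 *
 * @param {object} device       parsed user-agent (useragent.parse); embedded in the new token's claims
 * @param {string} accessToken  JWT signed with process.env.JWT_SECRET
 * @param {string} refreshToken JWT signed with the per-user/device key stored in RefreshToken
 * @param {function({code:number,msg:string}|null, string|null)} callback
 */
function verifyTokens (device, accessToken, refreshToken, callback) {
  // NOTE(review): no `algorithms` option is passed. jsonwebtoken limits a
  // string secret to HMAC algorithms, but pinning e.g. ['HS256'] would make
  // that explicit – confirm how login-issued tokens are signed first.
  jwt.verify(accessToken, process.env.JWT_SECRET, function (err, verifiedToken) {
    if (!err) {
      // Still valid: nothing to refresh.
      return callback(null, null)
    }
    if (err.name !== 'TokenExpiredError') {
      // Bad signature, malformed token, etc. – never fall into the refresh path.
      return callback({code: 500, msg: 'error verifying token, not an expiration error'}, null)
    }
    // Expired but otherwise intact: re-verify with expiration ignored so the
    // signature is still checked before the embedded user id is trusted.
    jwt.verify(accessToken, process.env.JWT_SECRET, { ignoreExpiration: true }, function (err, token) {
      if (err || !token || !token.claims) {
        return callback({code: 500, msg: 'error decoding expired token'}, null)
      }
      var userId = token.claims.id
      // NOTE(review): token.claims.device is not compared with the current
      // `device`; binding rests on checkRefreshToken keying its lookup on the
      // current request's device – confirm that is intended.
      checkRefreshToken(device, userId, refreshToken, function (err, user) {
        if (err) {
          return callback({code: err.code, msg: err.msg}, null)
        }
        if (!user) {
          return callback({code: 500, msg: 'no user'}, null)
        }
        var claims = {
          id: user._id,
          access: user.flags,
          device: device
        }
        // Short-lived replacement; the refresh token is what keeps the session alive.
        var newAccessToken = jwt.sign({claims: claims}, process.env.JWT_SECRET, {expiresIn: '1m'})
        return callback(null, newAccessToken)
      })
    })
  })
}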
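/**
 * Validates the caller's refresh token for (userId, device) and loads the user
 * it belongs to.
 *
 * Steps:
 *   1. Look up the RefreshToken record for this user + device; the record
 *      holds the per-session signing key.
 *   2. Verify the presented refresh JWT against that key.
 *   3. Load the User so the caller can mint a new access token from it.
 *
 * Changes over the original: the raw database error text is no longer copied
 * into `msg` (the middleware sends `msg` to the client), the stray
 * `console.log('5')` debug line is gone, and the async.waterfall wrapper is
 * replaced by plain nested callbacks with identical results.
 *
 * @param {object} device       parsed user-agent object, matched verbatim against RefreshToken.device
 * @param {string} userId       user id taken from the (expired) access token's claims
 * @param {string} refreshToken refresh JWT presented by the client
 * @param {function({code:number,msg:string}|null, object|null)} callback
 *        invoked once with either an error object or the User document
 */
function checkRefreshToken (device, userId, refreshToken, callback) {
  // Step 1: find the stored refresh-token record (and its signing key).
  RefreshToken.findOne({'userId': userId, 'device': device}, function (err, token) {
    if (err) {
      // Keep the real error server-side; the client only gets a generic message.
      console.error('checkRefreshToken: RefreshToken lookup failed', err)
      return callback({code: 500, msg: 'error looking up refresh token'}, null)
    }
    if (!token) {
      // No session for this user/device – the client has to authenticate again.
      return callback({code: 500, msg: 'cant find refreshToken, pls login again'}, null)
    }
    // Step 2: the refresh JWT must verify under the key stored for this session.
    // NOTE(review): no `algorithms` option is given and the nature of
    // `token.key` (HMAC secret vs. PEM) is not visible here – confirm and pin.
    jwt.verify(refreshToken, token.key, function (err, rToken) {
      if (err) {
        return callback({code: 500, msg: 'error verifying refresh token'}, null)
      }
      if (!rToken) {
        return callback({code: 500, msg: 'no rToken'}, null)
      }
      // Step 3: load the user the new access token will be issued for.
      User.findById(userId, function (err, user) {
        if (err) {
          console.error('checkRefreshToken: User lookup failed', err)
          return callback({code: 500, msg: 'error getting user'}, null)
        }
        if (!user) {
          return callback({code: 404, msg: 'no user'}, null)
        }
        return callback(null, user)
      })
    })
  })
}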