- const express = require('express');
- const router = express.Router();
- const User = require('../db/users');
- const util = require('../lib/util');
- const jwt = require('jsonwebtoken');
- const {tokenSecret, refreshSecret, tokenLife, refreshTokenLife} = require("../config/tokenConfig.js")
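// In-memory registry of issued refresh tokens, keyed by the refresh-token string.
// Created without a prototype so that only tokens stored by the login handler are
// ever "in" the map; a plain `{}` also answers true for inherited names such as
// `constructor` or `toString`, and the keys tested here come from the request body.
// NOTE(review): entries are never removed on logout and live only in this process,
// so the map grows without bound and is not shared between workers. Confirm whether
// a store with expiry (and revocation on logout) is intended.
const tokenList = Object.create(null);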
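/**
 * POST /login
 *
 * Two-stage handler:
 *   1. validate that `username` and `password` are present in the JSON body;
 *   2. look the user up, check the password through `user.authenticate`, and on
 *      success issue an access token and a refresh token signed with separate secrets.
 *
 * Every outcome is reported through `res.json(util.successTrue|successFalse(...))`,
 * as in the rest of this router; no HTTP error status is set.
 */
router.post(
  '/login',
  (req, res, next) => {
    const validationError = {
      name: 'ValidationError',
      errors: {},
    };
    const { username, password } = req.body;

    // Credentials must be non-empty *strings*. A JSON body can carry an object in
    // either field, and `username` is passed straight into the query filter below,
    // where an object would be read as a query operator rather than as a literal name.
    if (typeof username !== 'string' || username === '') {
      validationError.errors.username = { message: 'Username is required!' };
    }
    if (typeof password !== 'string' || password === '') {
      validationError.errors.password = { message: 'Password is required!' };
    }

    if (Object.keys(validationError.errors).length > 0) {
      return res.json(util.successFalse(validationError));
    }
    return next();
  },
  (req, res, next) => {
    User.findOne({ username: req.body.username })
      // `password` is selected because `user.authenticate` needs the stored value.
      .select({ password: 1, username: 1, name: 1, email: 1 })
      .exec((err, user) => {
        // NOTE(review): the raw lookup error is returned to the client here;
        // consider logging it server-side and answering with a generic message.
        if (err) return res.json(util.successFalse(err));

        // One message for "no such user" and "wrong password", so the response
        // does not reveal which usernames exist.
        if (!user || !user.authenticate(req.body.password)) {
          return res.json(util.successFalse(null, 'Username or Password is invalid'));
        }

        const payload = {
          _id: user._id,
          username: user.username,
        };

        try {
          // jwt.sign without a callback returns the token synchronously.
          const token = jwt.sign(payload, tokenSecret, { expiresIn: tokenLife });
          const refreshToken = jwt.sign(payload, refreshSecret, { expiresIn: refreshTokenLife });
          const response = {
            token: token,
            username: req.body.username,
            refreshToken: refreshToken,
            // assumes tokenLife is a number of seconds; TODO confirm against tokenConfig
            expiresIn: Date.now() + tokenLife * 1000,
          };
          // Remember the refresh token so that /refresh can recognise it later.
          tokenList[refreshToken] = response;
          return res.json(util.successTrue(response));
        } catch (signErr) {
          return res.json(util.successFalse(signErr));
        }
      });
  }
);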
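/**
 * POST /refresh: issue a new access token once the old one has expired.
 *
 * Expected body:
 *   {String} refreshToken  - the refresh token returned by /login (required)
 *   {String} token         - the expired access token (not used here)
 *   {Number} expiresIn     - not used here
 *   {String} username      - not used here; the identity comes from the refresh token
 *
 * The refresh token must (a) be a string that the login handler stored in `tokenList`
 * and (b) still verify against `refreshSecret`, which also enforces its expiry.
 * The account that receives the new access token is the one named inside the verified
 * refresh token, never the `username` field of the request body: that field is
 * caller-controlled and would otherwise let the holder of one valid refresh token
 * obtain an access token for a different account.
 */
router.post('/refresh', (req, res, next) => {
  const postData = req.body;
  const refreshToken = postData.refreshToken;
  const rejectToken = () => res.json(util.successFalse(null, 'Refresh token is invalid'));

  // Own-property lookup only: the `in` operator is also true for names inherited
  // from Object.prototype, which would let a value that was never issued pass.
  // Answering here also fixes the original behaviour of never responding at all
  // when the token was missing or unknown.
  if (
    typeof refreshToken !== 'string' ||
    !Object.prototype.hasOwnProperty.call(tokenList, refreshToken)
  ) {
    return rejectToken();
  }

  let claims;
  try {
    // Throws on a bad signature or an expired token.
    claims = jwt.verify(refreshToken, refreshSecret);
  } catch (verifyErr) {
    // The token can never become valid again; drop it from the registry.
    delete tokenList[refreshToken];
    return rejectToken();
  }
  if (typeof claims.username !== 'string') {
    return rejectToken();
  }

  User.findOne({ username: claims.username })
    // Only the fields that go into the new token are needed; the password is not.
    .select({ username: 1 })
    .exec((err, user) => {
      if (err) return res.json(util.successFalse(err));

      // The account may have been removed since the refresh token was issued.
      if (!user) {
        delete tokenList[refreshToken];
        return rejectToken();
      }

      const payload = {
        _id: user._id,
        username: user.username,
      };

      try {
        const token = jwt.sign(payload, tokenSecret, { expiresIn: tokenLife });
        const response = {
          token: token,
          username: user.username,
          refreshToken: refreshToken,
          // assumes tokenLife is a number of seconds; TODO confirm against tokenConfig
          expiresIn: Date.now() + tokenLife * 1000,
        };

        // Keep the stored record in step with the token just issued.
        const entry = tokenList[refreshToken];
        if (entry) {
          entry.token = response.token;
          entry.expiresIn = response.expiresIn;
        }
        return res.json(util.successTrue(response));
      } catch (signErr) {
        console.log(signErr);
        return res.json(util.successFalse(signErr));
      }
    });
});

module.exports = router;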