import { NextFunction, Request, Response } from "express";
import { getSession } from "../db";
import { signJWT, verifyJWT } from "../utils/jwt.utils";
/**
 * Express middleware that fills in `req.user` from the JWT cookies on the request.
 *
 * Flow, as implemented below:
 *  1. No `accessToken` cookie: continue with `req.user` left unset.
 *  2. `accessToken` verifies: its payload becomes `req.user`.
 *  3. `accessToken` is reported as expired and a `refreshToken` cookie verifies:
 *     the session named by the refresh payload is looked up, a new access token
 *     is signed from that session, set as the `accessToken` cookie, and its
 *     payload becomes `req.user`.
 *
 * Every path ends in `next()`; this middleware never rejects a request. Routes
 * that need authentication must check `req.user` themselves.
 *
 * @param req - Incoming request; `req.cookies` is read for `accessToken` and `refreshToken`.
 * @param res - Response; used only to set the re-issued `accessToken` cookie.
 * @param next - Called exactly once on every path.
 */
function deserializeUser(req: Request, res: Response, next: NextFunction) {
  const { accessToken, refreshToken } = req.cookies;

  // Without an access token there is nothing to deserialize.
  if (!accessToken) return next();

  const accessResult = verifyJWT(accessToken);

  // Access token verified: trust its payload as the current user.
  if (accessResult.payload) {
    // @ts-ignore
    req.user = accessResult.payload;
    return next();
  }

  // The refresh token is consulted only when verifyJWT reported the access
  // token as expired. Any other verification failure skips the refresh path
  // and the request continues without a user.
  const refreshResult =
    accessResult.expired && refreshToken
      ? verifyJWT(refreshToken)
      : { payload: null };
  const refresh = refreshResult.payload;

  if (!refresh) return next();

  // NOTE(review): this relies on getSession returning a falsy value for a
  // session that has been logged out or revoked; otherwise a refresh token
  // keeps minting access tokens after logout. Confirm in ../db.
  // @ts-ignore
  const session = getSession(refresh.sessionId);

  if (!session) return next();

  // NOTE(review): "5s" is presumably the token lifetime, while the cookie below
  // lives for 300000 ms. If so, the cookie outlives the token it carries and
  // the refresh path runs again after the token expires. Confirm the two
  // values are intentional.
  const newAccessToken = signJWT(session, "5s");

  // NOTE(review): only httpOnly is set here. `secure` and `sameSite` are not
  // set, so whether the cookie is confined to HTTPS and first-party requests
  // depends on browser defaults and deployment. Confirm against the login
  // handler that issues the original cookie.
  res.cookie("accessToken", newAccessToken, {
    maxAge: 300000, // 5 minutes
    httpOnly: true,
  });

  // Decode the token just issued so req.user has the same shape as on the
  // normal (non-refresh) path.
  const reissued = verifyJWT(newAccessToken);
  // @ts-ignore
  req.user = reissued.payload;

  return next();
}
export default deserializeUser;