From 32293d3f3d242a909124932d4040201826b6c486 Mon Sep 17 00:00:00 2001 From: geeknk Date: Wed, 29 Nov 2023 19:35:33 +0530 Subject: [PATCH] correction in refresh token --- app.js | 3 +- controllers/userController.js | 14 ++++--- middleware/usermiddle.js | 27 +++++------- migrations/20231125074458-create-address.js | 10 ++--- models/address.js | 3 +- models/usertoken.js | 4 +- package-lock.json | 14 +++++++ package.json | 1 + services/userservices.js | 46 ++++++++++----------- 9 files changed, 63 insertions(+), 59 deletions(-) diff --git a/app.js b/app.js index 9c794cf..e985239 100644 --- a/app.js +++ b/app.js @@ -1,4 +1,5 @@ const express = require("express"); +const cookieparser = require("cookie-parser") const service = require("./config/constant.js"); const userRoute = require("./routes/userRoute.js"); const rdcon = require("./config/redisconfig.js") @@ -6,7 +7,7 @@ const rdcon = require("./config/redisconfig.js") const app = express(); app.use(express.json()); - +app.use(cookieparser()) app.use("/user", userRoute) rdcon.redisconnect(); app.listen(service.port,()=>{ diff --git a/controllers/userController.js b/controllers/userController.js index 5b13a84..59d5f78 100644 --- a/controllers/userController.js +++ b/controllers/userController.js @@ -1,7 +1,5 @@ -const cookieparser = require('cookie-parser'); const express = require("express"); const app = express(); -app.use(cookieparser()) const userServices = require("../services/userservices") exports.signup = async (req, res) => { @@ -17,9 +15,9 @@ exports.signin = async (req, res) => { return res.status(401).send({ success: false, msg: "Email or Password is wrong" }); } else { // Assigning refresh token in http-only cookie - res.cookie('jwt', loggedin.refreshToken, { httpOnly: true, + res.cookie('refresh_token', loggedin.refreshToken, { httpOnly: true, sameSite: 'None', secure: true, - maxAge: 24 * 60 * 60 * 1000 + maxAge: 24 * 60 * 60 * 1000 }); res.status(200).send(loggedin.accessToken); } 
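Review bot: The `res.cookie('refresh_token', …)` call in the signin hunk sets no `path`, so the refresh-token cookie is attached to every request to the origin instead of only the refresh route; adding `path: '<REFRESH_ROUTE_PATH>'` (the route under the `/user` mount that reaches refreshuser) keeps it out of requests that never need it. The same option object is repeated verbatim in refreshuser on the next physical line, so a module-level `const REFRESH_COOKIE_OPTIONS = { httpOnly: true, sameSite: 'None', secure: true, maxAge: 24 * 60 * 60 * 1000 };` used by both would keep them from drifting apart. signin's body starts before this hunk and appears to continue after it.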
@@ -169,8 +167,12 @@ exports.aggregate = async (req,res) => { exports.refreshuser = async (req,res) => { try { - const token = await userServices.generateToken(req.data.email) - res.status(200).send(token); + const token = await userServices.generateToken(req.data) + res.cookie('refresh_token', token.refreshToken, { httpOnly: true, + sameSite: 'None', secure: true, + maxAge: 24 * 60 * 60 * 1000 + }); + res.status(200).send(token.accessToken); } catch (error) { res.status(401).send({success: "false",error}); } diff --git a/middleware/usermiddle.js b/middleware/usermiddle.js index 0cab46f..63279af 100644 --- a/middleware/usermiddle.js +++ b/middleware/usermiddle.js @@ -3,6 +3,7 @@ const jwt = require("jsonwebtoken"); const config = require("../config/constant"); const multer = require("multer") const {User} = require("../models"); +const {client} = require("../config/redisconfig"); exports.verifyEmail = async (req, res, next) => { const userData = await User.findOne({where:{ email: req.body.email }}); @@ -28,26 +29,18 @@ exports.checkAuth = async (req, res, next) => { }; exports.verifyRT = async (req,res,next) =>{ - if (req.cookies?.jwt) { - + if (req.cookies?.refresh_token) { + // Destructuring refreshToken from cookie - const refreshToken = req.cookies.jwt; + const refreshToken = req.cookies.refresh_token; - // Verifying refresh token - jwt.verify(refreshToken, config.REFRESH_TOKEN_SECRET, - (err, decoded) => { - if (err) { - // Wrong Refesh Token - return res.status(406).json({ message: 'Unauthorized' }); - } - else { - // Correct token we send a new access token - req.data = email; - next(); - } - }) + // Verifying refresh token + const tokenData = await client.hGetAll(refreshToken) + req.data = tokenData + client.del(refreshToken) + next() } else { - return res.status(406).json({ message: 'Unauthorized' }); + return res.status(406).json({ message: 'Unauthorized ! Refresh token not found' }); } } 
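Review bot: The `catch` in refreshuser (unchanged context in this hunk, but now reached by the new Redis-backed path) sends the caught `error` object straight to the client in `res.status(401).send({success: "false",error})`, which can expose Redis or JWT internals; log it server-side and return a fixed body, e.g. `res.status(401).send({ success: false, msg: 'Unauthorized' })`. `success: "false"` is also a string here while signin returns the boolean `false`, so a client testing `success === false` misses this branch. The function's closing brace appears to lie just outside the hunk.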
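Review bot: verifyRT never checks that the lookup found anything: `client.hGetAll` resolves to an empty object for a key that does not exist, so any unknown or already-consumed cookie value passes with `req.data = {}` and refreshuser then signs an access token whose `email`/`id` claims are undefined. Reject the empty result before continuing, `if (Object.keys(tokenData).length === 0) return res.status(406).json({ message: 'Unauthorized' });`, and write `await client.del(refreshToken)` so the one-time token is actually gone before the response is built (as written the deletion is a floating promise whose failure is dropped). Because the raw cookie value is the Redis key, the lookup can match any hash in that database, including the legacy `"refreshToken"` key the old userlogin wrote if it is still present, so a namespaced key such as `` `rt:${refreshToken}` `` on both the write and read side is safer. There is no try/catch around the awaited Redis calls; unless the route wrapper handles async rejections, a failed call leaves the request unanswered.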
diff --git a/migrations/20231125074458-create-address.js b/migrations/20231125074458-create-address.js index e8f2328..2aa2657 100644 --- a/migrations/20231125074458-create-address.js +++ b/migrations/20231125074458-create-address.js @@ -11,11 +11,11 @@ module.exports = { }, user_id: { type: Sequelize.INTEGER, - // references:{ - // model:"Users", - // key:"id", - // as:"id" - // } + references:{ + model:"Users", + key:"id", + as:"user_id" + } }, address: { type: Sequelize.STRING diff --git a/models/address.js b/models/address.js index 11a99f9..def7a51 100644 --- a/models/address.js +++ b/models/address.js @@ -11,8 +11,7 @@ module.exports = (sequelize, DataTypes) => { // define association here address.belongsTo(models.User, { foreignKey: "user_id", - onDelete:"CASCADE", - hooks:true + onDelete:'NULL' }); } } diff --git a/models/usertoken.js b/models/usertoken.js index 559b1d5..e7ac51a 100644 --- a/models/usertoken.js +++ b/models/usertoken.js @@ -1,7 +1,5 @@ 'use strict'; -const { - Model -} = require('sequelize'); +const {Model} = require('sequelize'); module.exports = (sequelize, DataTypes) => { class userToken extends Model { /** diff --git a/package-lock.json b/package-lock.json index b7874df..b30ff00 100644 --- a/package-lock.json +++ b/package-lock.json @@ -20,6 +20,7 @@ "mysql2": "^3.6.5", "nodemailer": "^6.9.7", "nodemon": "^3.0.1", + "rand-token": "^1.0.1", "redis": "^4.6.11", "sequelize": "^6.35.1", "sequelize-cli": "^6.6.2" @@ -2011,6 +2012,14 @@ "url": "https://github.com/sponsors/ljharb" } }, + "node_modules/rand-token": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/rand-token/-/rand-token-1.0.1.tgz", + "integrity": "sha512-Zri5SfJmEzBJ3IexFdigvPSCamslJ7UjLkUn0tlgH7COJvaUr5V7FyUYgKifEMTw7gFO8ZLcWjcU+kq8akipzg==", + "engines": { + "node": ">= 10" + } + }, "node_modules/range-parser": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz", 
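Review bot: `onDelete:'NULL'` in the address model is not a referential action Sequelize or MySQL accepts (`SET NULL`, `CASCADE`, `RESTRICT`, `NO ACTION`, `SET DEFAULT` are), so the intent is unclear and the generated constraint, if any, will not be `SET NULL`; use `onDelete: 'SET NULL'` if that is what is meant. The migration hunk on this line adds `references` to `user_id` without an `onDelete`, so the database-level constraint falls back to the engine default, and `as:"user_id"` is not a documented key of `references` (`model`, `key`, `deferrable` are) — confirm it is not silently ignored. Combined with the userservices hunk on the next physical line that drops `address.destroy({ where: { user_id: ID } })` from deleteuser, deleting a user that still has addresses is now likely to fail on the foreign key instead of cascading or nulling the rows; either restore that delete or declare the action in the migration so the schema carries it.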
@@ -4381,6 +4390,11 @@ "side-channel": "^1.0.4" } }, + "rand-token": { + "version": "1.0.1", + "resolved": "https://registry.npmjs.org/rand-token/-/rand-token-1.0.1.tgz", + "integrity": "sha512-Zri5SfJmEzBJ3IexFdigvPSCamslJ7UjLkUn0tlgH7COJvaUr5V7FyUYgKifEMTw7gFO8ZLcWjcU+kq8akipzg==" + }, "range-parser": { "version": "1.2.1", "resolved": "https://registry.npmjs.org/range-parser/-/range-parser-1.2.1.tgz", diff --git a/package.json b/package.json index 82ba099..d263f2c 100644 --- a/package.json +++ b/package.json @@ -11,6 +11,7 @@ "mysql2": "^3.6.5", "nodemailer": "^6.9.7", "nodemon": "^3.0.1", + "rand-token": "^1.0.1", "redis": "^4.6.11", "sequelize": "^6.35.1", "sequelize-cli": "^6.6.2" diff --git a/services/userservices.js b/services/userservices.js index 6da8161..205708f 100644 --- a/services/userservices.js +++ b/services/userservices.js @@ -8,6 +8,7 @@ const nodemailer = require("nodemailer"); const axios = require("axios"); const Cheerio = require("cheerio"); const { client } = require("../config/redisconfig"); +const randToken = require("rand-token") const transporter = nodemailer.createTransport({ host: "smtp.gmail.com", @@ -30,7 +31,6 @@ const getdata = async (id) => { }; const deleteuser = async (ID) => { - const data1 = await address.destroy({ where: { user_id: ID } }); const data = await User.destroy({ where: { id: ID } }); if (data) { return true; @@ -57,7 +57,7 @@ const verifyemail = async (data) => { const mailOption = { from: config.EMAIL_FROM, - to: config.EMAIL_TO, + to: "ernitish26@gmail.com", subject: "Password Reset Link", html: `${token}`, }; @@ -77,7 +77,7 @@ const modifyPass = async (email, data) => { ); const mailOption = { from: config.EMAIL_FROM, - to: config.EMAIL_TO, + to: "ernitish26@gmail.com", subject: "Password Reset", text: "Password Reset successfully", }; 
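Review bot: Both `mailOption` changes on this line (verifyemail and modifyPass) replace the configurable `config.EMAIL_TO` with a hard-coded personal address, so every password-reset link and confirmation for every account is delivered to one mailbox regardless of who requested it, and whoever reads that mailbox holds usable reset tokens. The recipient should be the address of the account being reset — presumably `data.email` in verifyemail and `email` in modifyPass, but both callers are outside the hunk, so confirm the shape — and any fallback belongs in config or the environment, not in source. If the change was made for local testing, it should not be committed.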
@@ -94,23 +94,18 @@ const userlogin = async (data) => { config.ACCESS_TOKEN_SECRET, { expiresIn: config.ACCESS_TOKEN_EXPIRES } ); - const refreshToken = jwt.sign( - { - username: userData.email, - id: userData.id, - }, - config.REFRESH_TOKEN_SECRET, - { expiresIn: "1d" } - ); + const refreshToken = randToken.uid(256); await userToken.create({ user_id: userData.id, token: accessToken, expiry: config.JWT_EXPIRES_IN, }); - await client.hSet("refreshToken", { + + await client.hSet(refreshToken, { + id: userData.id, email: userData.email, - username: userData.username, + username:userData.username }); return { accessToken, refreshToken }; } else { @@ -273,20 +268,21 @@ const findByAggregate = async () => { return data; }; -const generateToken = (RTemail) => { - // Correct token we send a new access token - userCredentials = User.findOne({where:{email:RTemail}}) +const generateToken = async (userData) => { + const accessToken = jwt.sign( - { - username: userCredentials.username, - email: userCredentials.email, - }, - process.env.ACCESS_TOKEN_SECRET, - { - expiresIn: "10m", - } + { email: userData.email, id: userData.id }, + config.ACCESS_TOKEN_SECRET, + { expiresIn: config.ACCESS_TOKEN_EXPIRES } ); - return res.json({ accessToken }); + const refreshToken = randToken.uid(256); + await client.hSet(refreshToken, { + id: userData.id, + email: userData.email, + username:userData.username + }); + + return { accessToken, refreshToken }; }; module.exports = {
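Review bot: The new `client.hSet(refreshToken, {...})` in userlogin stores the refresh token with no TTL, so entries live in Redis indefinitely while the cookie that carries them expires after 24 h in the controller hunks; add `await client.expire(refreshToken, 24 * 60 * 60);` after the `hSet` so the server-side lifetime matches. The generateToken hunk below on this line repeats the block verbatim, so a shared helper such as `storeRefreshToken(userData)` would give one place to set the TTL, namespace the key (e.g. `` `rt:${token}` ``) and hash the token before using it as the key so a Redis dump does not yield usable credentials. `randToken.uid(256)` should be confirmed to draw from a CSPRNG in the installed rand-token version; `require('node:crypto').randomBytes(32).toString('hex')` gives the same strength without the extra dependency. In generateToken `userData` now comes from `hGetAll`, so `id` is a string there while in userlogin it is a number, and the `id` claim in the access token will differ in type between the two paths; confirm consumers tolerate that. Nothing revokes a user's earlier refresh tokens on a new login, so a password change cannot invalidate outstanding sessions without a per-user index of issued tokens.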