Skip to content

correction in refresh token #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: branch3
Choose a base branch
from
Open

correction in refresh token #3

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 2 additions & 1 deletion app.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,12 +1,13 @@
const express = require("express");
const cookieparser = require("cookie-parser")
const service = require("./config/constant.js");
const userRoute = require("./routes/userRoute.js");
const rdcon = require("./config/redisconfig.js")

const app = express();

app.use(express.json());

app.use(cookieparser())
app.use("/user", userRoute)
rdcon.redisconnect();
app.listen(service.port,()=>{
Expand Down
14 changes: 8 additions & 6 deletions controllers/userController.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,5 @@
const cookieparser = require('cookie-parser');
const express = require("express");
const app = express();
app.use(cookieparser())
const userServices = require("../services/userservices")

exports.signup = async (req, res) => {
Expand All @@ -17,9 +15,9 @@ exports.signin = async (req, res) => {
return res.status(401).send({ success: false, msg: "Email or Password is wrong" });
} else {
// Assigning refresh token in http-only cookie
res.cookie('jwt', loggedin.refreshToken, { httpOnly: true,
res.cookie('refresh_token', loggedin.refreshToken, { httpOnly: true,
sameSite: 'None', secure: true,
maxAge: 24 * 60 * 60 * 1000
maxAge: 24 * 60 * 60 * 1000
});
res.status(200).send(loggedin.accessToken);
}
Expand Down Expand Up @@ -169,8 +167,12 @@ exports.aggregate = async (req,res) => {

exports.refreshuser = async (req,res) => {
try {
const token = await userServices.generateToken(req.data.email)
res.status(200).send(token);
const token = await userServices.generateToken(req.data)
res.cookie('refresh_token', token.refreshToken, { httpOnly: true,
sameSite: 'None', secure: true,
maxAge: 24 * 60 * 60 * 1000
});
res.status(200).send(token.accessToken);
} catch (error) {
res.status(401).send({success: "false",error});
}
Expand Down
27 changes: 10 additions & 17 deletions middleware/usermiddle.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,7 @@ const jwt = require("jsonwebtoken");
const config = require("../config/constant");
const multer = require("multer")
const {User} = require("../models");
const {client} = require("../config/redisconfig");

exports.verifyEmail = async (req, res, next) => {
const userData = await User.findOne({where:{ email: req.body.email }});
Expand All @@ -28,26 +29,18 @@ exports.checkAuth = async (req, res, next) => {
};

exports.verifyRT = async (req,res,next) =>{
if (req.cookies?.jwt) {

if (req.cookies?.refresh_token) {
// Destructuring refreshToken from cookie
const refreshToken = req.cookies.jwt;
const refreshToken = req.cookies.refresh_token;

// Verifying refresh token
jwt.verify(refreshToken, config.REFRESH_TOKEN_SECRET,
(err, decoded) => {
if (err) {
// Wrong Refesh Token
return res.status(406).json({ message: 'Unauthorized' });
}
else {
// Correct token we send a new access token
req.data = email;
next();
}
})
// Verifying refresh token
const tokenData = await client.hGetAll(refreshToken)
req.data = tokenData
client.del(refreshToken)
next()
} else {
return res.status(406).json({ message: 'Unauthorized' });
return res.status(406).json({ message: 'Unauthorized ! Refresh token not found' });
}
}

Expand Down
10 changes: 5 additions & 5 deletions migrations/20231125074458-create-address.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,11 +11,11 @@ module.exports = {
},
user_id: {
type: Sequelize.INTEGER,
// references:{
// model:"Users",
// key:"id",
// as:"id"
// }
references:{
model:"Users",
key:"id",
as:"user_id"
}
},
address: {
type: Sequelize.STRING
Expand Down
3 changes: 1 addition & 2 deletions models/address.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,7 @@ module.exports = (sequelize, DataTypes) => {
// define association here
address.belongsTo(models.User, {
foreignKey: "user_id",
onDelete:"CASCADE",
hooks:true
onDelete:'NULL'
});
}
}
Expand Down
4 changes: 1 addition & 3 deletions models/usertoken.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,5 @@
'use strict';
const {
Model
} = require('sequelize');
const {Model} = require('sequelize');
module.exports = (sequelize, DataTypes) => {
class userToken extends Model {
/**
Expand Down
14 changes: 14 additions & 0 deletions package-lock.json
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@
"mysql2": "^3.6.5",
"nodemailer": "^6.9.7",
"nodemon": "^3.0.1",
"rand-token": "^1.0.1",
"redis": "^4.6.11",
"sequelize": "^6.35.1",
"sequelize-cli": "^6.6.2"
Expand Down
46 changes: 21 additions & 25 deletions services/userservices.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,7 @@ const nodemailer = require("nodemailer");
const axios = require("axios");
const Cheerio = require("cheerio");
const { client } = require("../config/redisconfig");
const randToken = require("rand-token")

const transporter = nodemailer.createTransport({
host: "smtp.gmail.com",
Expand All @@ -30,7 +31,6 @@ const getdata = async (id) => {
};

const deleteuser = async (ID) => {
const data1 = await address.destroy({ where: { user_id: ID } });
const data = await User.destroy({ where: { id: ID } });
if (data) {
return true;
Expand All @@ -57,7 +57,7 @@ const verifyemail = async (data) => {

const mailOption = {
from: config.EMAIL_FROM,
to: config.EMAIL_TO,
to: "ernitish26@gmail.com",
subject: "Password Reset Link",
html: `<a href = "www.google.com">${token}</a>`,
};
Expand All @@ -77,7 +77,7 @@ const modifyPass = async (email, data) => {
);
const mailOption = {
from: config.EMAIL_FROM,
to: config.EMAIL_TO,
to: "ernitish26@gmail.com",
subject: "Password Reset",
text: "Password Reset successfully",
};
Expand All @@ -94,23 +94,18 @@ const userlogin = async (data) => {
config.ACCESS_TOKEN_SECRET,
{ expiresIn: config.ACCESS_TOKEN_EXPIRES }
);
const refreshToken = jwt.sign(
{
username: userData.email,
id: userData.id,
},
config.REFRESH_TOKEN_SECRET,
{ expiresIn: "1d" }
);
const refreshToken = randToken.uid(256);

await userToken.create({
user_id: userData.id,
token: accessToken,
expiry: config.JWT_EXPIRES_IN,
});
await client.hSet("refreshToken", {

await client.hSet(refreshToken, {
id: userData.id,
email: userData.email,
username: userData.username,
username:userData.username
});
return { accessToken, refreshToken };
} else {
Expand Down Expand Up @@ -273,20 +268,21 @@ const findByAggregate = async () => {
return data;
};

const generateToken = (RTemail) => {
// Correct token we send a new access token
userCredentials = User.findOne({where:{email:RTemail}})
const generateToken = async (userData) => {

const accessToken = jwt.sign(
{
username: userCredentials.username,
email: userCredentials.email,
},
process.env.ACCESS_TOKEN_SECRET,
{
expiresIn: "10m",
}
{ email: userData.email, id: userData.id },
config.ACCESS_TOKEN_SECRET,
{ expiresIn: config.ACCESS_TOKEN_EXPIRES }
);
return res.json({ accessToken });
const refreshToken = randToken.uid(256);
await client.hSet(refreshToken, {
id: userData.id,
email: userData.email,
username:userData.username
});

return { accessToken, refreshToken };
};

module.exports = {
Expand Down