tuned some things and added some to user route

2024-01-24 16:28:02 +01:00
parent 49cd0b1953
commit 421ab338fc
8 changed files with 500 additions and 46 deletions
+89 -15
@@ -1,50 +1,124 @@
const {verifyToken, generateAccesToken, generateRefreshToken} = require("./auth");
const { verifyToken, generateAccesToken, generateRefreshToken } = require("./auth");
const auth = (req, res, next) => {
const refreshToken = req.cookies.refreshToken;
const accessToken = req.cookies.accessToken;
const permtoken = req.cookies.permtoken;
if(!refreshToken && !accessToken && !permtoken) return res.status(401).json({error: "Unauthorized"});
if (!refreshToken && !accessToken && !permtoken) return res.status(401).json({ error: "Unauthorized" });
if(accessToken){
if (accessToken) {
const result = verifyToken(accessToken);
if(result.user){
if (result == false) {
//remove refresh token
res.cookie("accessToken", "", { httpOnly: true });
}
if (result.user) {
req.user = result.user;
return next();
}
}
else if(refreshToken && !accessToken){
else if (refreshToken && !accessToken) {
const result = verifyToken(refreshToken);
if(result != false){
if (result != false) {
//create new access token
const newAccessToken = generateAccesToken(result.user);
res.cookie("accessToken", newAccessToken, {httpOnly: true});
res.cookie("accessToken", newAccessToken, { httpOnly: true });
}
if(result.user){
else {
//remove refresh token
res.cookie("refreshToken", "", { httpOnly: true });
}
if (result.user) {
req.user = result.user;
return next();
}
}
else if(permtoken){
else if (permtoken) {
const result = verifyToken(permtoken);
if(result != false){
if (result != false) {
//create new access token
const newAccessToken = generateAccesToken(result.user);
res.cookie("accessToken", newAccessToken, {httpOnly: true});
res.cookie("accessToken", newAccessToken, { httpOnly: true });
//create new refresh token
const newRefreshToken = generateRefreshToken(result.user);
res.cookie("refreshToken", newRefreshToken, {httpOnly: true});
res.cookie("refreshToken", newRefreshToken, { httpOnly: true });
}
if(result.user){
else {
//remove permtoken
res.cookie("permtoken", "", { httpOnly: true });
}
if (result.user) {
req.user = result.user;
return next();
}
}
return res.status(401).json({error: "Unauthorized"});
return res.status(401).json({ error: "Unauthorized" });
}
module.exports = auth;
const publicauth = (req, res, next) => {
const refreshToken = req.cookies.refreshToken;
const accessToken = req.cookies.accessToken;
const permtoken = req.cookies.permtoken;
if (!refreshToken && !accessToken && !permtoken) {
req.user = null;
return next();
}
if (accessToken) {
const result = verifyToken(accessToken);
if (result == false) {
//remove refresh token
res.cookie("accessToken", "", { httpOnly: true });
}
if (result.user) {
req.user = result.user;
return next();
}
}
else if (refreshToken && !accessToken) {
const result = verifyToken(refreshToken);
if (result != false) {
//create new access token
const newAccessToken = generateAccesToken(result.user);
res.cookie("accessToken", newAccessToken, { httpOnly: true });
}
else {
//remove refresh token
res.cookie("refreshToken", "", { httpOnly: true });
}
if (result.user) {
req.user = result.user;
return next();
}
}
else if (permtoken) {
const result = verifyToken(permtoken);
if (result != false) {
//create new access token
const newAccessToken = generateAccesToken(result.user);
res.cookie("accessToken", newAccessToken, { httpOnly: true });
//create new refresh token
const newRefreshToken = generateRefreshToken(result.user);
res.cookie("refreshToken", newRefreshToken, { httpOnly: true });
}
else {
//remove permtoken
res.cookie("permtoken", "", { httpOnly: true });
}
if (result.user) {
req.user = result.user;
return next();
}
}
req.user = null;
}
module.exports = { auth, publicauth };
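Review bot: `publicauth` ends with `req.user = null;` and never calls `next()` or sends a response, so a request whose cookie fails verification is left hanging; at minimum the last statement should be `req.user = null; return next();`. In both middlewares the `else if` chain means a present but invalid `accessToken` is blanked without trying the refresh token or permtoken in that request, so `auth` answers 401 even when a valid refresh token was sent (the comment above that branch also says "remove refresh token" where the access token is meant). The two functions differ only in what happens when no user is found, so one shared helper that tries the three cookies in order would fix both problems and remove the copy; a sketch follows. Cookies are set with `httpOnly` only and the same `verifyToken` is applied to all three cookies, so it is worth confirming outside this hunk that `secure`/`sameSite` are not needed for the deployment and that `verifyToken` rejects a refresh token or permtoken presented as an access token.

```javascript
// Tries accessToken, then refreshToken, then permtoken; returns the user or null.
const resolveUser = (req, res) => {
    const { accessToken, refreshToken, permtoken } = req.cookies;

    if (accessToken) {
        const result = verifyToken(accessToken);
        if (result && result.user) return result.user;
        // invalid access token: blank it and fall through to the longer-lived tokens
        res.cookie("accessToken", "", { httpOnly: true });
    }

    if (refreshToken) {
        const result = verifyToken(refreshToken);
        if (result && result.user) {
            res.cookie("accessToken", generateAccesToken(result.user), { httpOnly: true });
            return result.user;
        }
        res.cookie("refreshToken", "", { httpOnly: true });
    }

    if (permtoken) {
        const result = verifyToken(permtoken);
        if (result && result.user) {
            res.cookie("accessToken", generateAccesToken(result.user), { httpOnly: true });
            res.cookie("refreshToken", generateRefreshToken(result.user), { httpOnly: true });
            return result.user;
        }
        res.cookie("permtoken", "", { httpOnly: true });
    }

    return null;
};

const auth = (req, res, next) => {
    const user = resolveUser(req, res);
    if (!user) return res.status(401).json({ error: "Unauthorized" });
    req.user = user;
    return next();
};

const publicauth = (req, res, next) => {
    // anonymous requests are allowed through with req.user === null
    req.user = resolveUser(req, res);
    return next();
};
```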