const {verifyToken, generateAccesToken, generateRefreshToken} = require("./auth");
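/**
 * Express middleware that authenticates a request from its token cookies.
 *
 * Cookies are tried in order: `accessToken`, then `refreshToken`, then
 * `permtoken`. The first one that verifies to a user is used:
 *   - accessToken: the request proceeds, no cookie is re-issued;
 *   - refreshToken: a new accessToken cookie is issued;
 *   - permtoken: new accessToken and refreshToken cookies are issued.
 * If none verifies, the response is 401 `{error: "Unauthorized"}`.
 *
 * A stale or invalid cookie no longer blocks the later ones. Previously an
 * expired accessToken cookie caused a 401 even when a valid refreshToken was
 * sent alongside it. Falling through grants nothing extra: a client holding a
 * valid refresh/perm token could always obtain the same result by omitting
 * the stale cookie.
 *
 * NOTE(review): all three cookies go through the same verifyToken(). Nothing
 * visible in this file checks which kind of token was presented, so a refresh
 * or perm token placed in the accessToken cookie would be accepted unless
 * verifyToken (or a claim it checks) distinguishes token types. Confirm in
 * ./auth.
 * NOTE(review): permtoken re-mints both shorter-lived tokens, so revocation of
 * a permtoken has to be enforced inside verifyToken. Confirm.
 *
 * @param {object} req  Express request; `req.cookies` is expected to be populated by a cookie parser.
 * @param {object} res  Express response.
 * @param {Function} next  Called when a user has been attached to `req.user`.
 * @returns {*} Whatever `next()` or `res.status(401).json(...)` returns.
 */
const auth = (req, res, next) => {
    // Without a cookie parser req.cookies is undefined; treat that as "no
    // credentials" so the middleware fails closed with 401 instead of throwing.
    const cookies = req.cookies || {};

    // Resolves a cookie value to the user it carries, or null.
    // Assumes verifyToken returns a falsy value (rather than throwing) for a
    // bad token, as the original `result != false` check implies. TODO confirm.
    const userFrom = (token) => {
        if (!token) return null;
        const result = verifyToken(token);
        return result && result.user ? result.user : null;
    };

    // NOTE(review): cookies are issued with httpOnly only. Consider also
    // setting `secure` and `sameSite`, and a `maxAge` matching the token
    // lifetime, once the deployment (TLS, cross-site front end) is known.
    const issueCookie = (name, token) => {
        res.cookie(name, token, {httpOnly: true});
    };

    const accessUser = userFrom(cookies.accessToken);
    if (accessUser) {
        req.user = accessUser;
        return next();
    }

    const refreshUser = userFrom(cookies.refreshToken);
    if (refreshUser) {
        // Tokens are minted only once a user is known, never for `undefined`.
        issueCookie("accessToken", generateAccesToken(refreshUser));
        req.user = refreshUser;
        return next();
    }

    const permUser = userFrom(cookies.permtoken);
    if (permUser) {
        issueCookie("accessToken", generateAccesToken(permUser));
        issueCookie("refreshToken", generateRefreshToken(permUser));
        req.user = permUser;
        return next();
    }

    return res.status(401).json({error: "Unauthorized"});
};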
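// Expose the middleware as this module's sole CommonJS export.
module.exports = auth;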