author | 2023-08-21 22:19:54 +0200 | |
---|---|---|
committer | 2023-08-21 22:23:57 +0200 | |
commit | 9fb0815b575cfc23ced6722b1a164328bd3cff1a (patch) | |
tree | 971a10bb74824d007cb74082a0a1d07dba3f30e2 /model | |
parent | 4d28ac359b25d89d0dbb42dd3a6d32269eebc619 (diff) | |
download | auth-service-9fb0815b575cfc23ced6722b1a164328bd3cff1a.tar.gz auth-service-9fb0815b575cfc23ced6722b1a164328bd3cff1a.tar.bz2 auth-service-9fb0815b575cfc23ced6722b1a164328bd3cff1a.zip |
refactor, new routes
Diffstat (limited to 'model')
-rw-r--r-- | model/User.js | 64 |
1 files changed, 45 insertions, 19 deletions
diff --git a/model/User.js b/model/User.js
index ce34cbe..8009980 100644
--- a/model/User.js
+++ b/model/User.js
@@ -22,12 +22,6 @@ const userSchema = new mongoose.Schema({
 max: 1024,
 min: 6,
 },
- refresh: {
- type: String,
- required: true,
- max: 1024,
- min: 6,
- },
 verify: {
 type: String,
 default: randomBytes(3).toString('hex'),
@@ -38,25 +32,38 @@ const userSchema = new mongoose.Schema({
 min: 3,
 default: 'user',
 },
- date: {
+ sessions: [{
+ device: { type: String, maxlength: 128, default: "Unknown" },
+ refreshToken: { type: String, required: true, max: 1024, min: 6 },
+ updatedAt: { type: Date, default: Date.now },
+ }],
+ createdAt: {
 type: Date,
 default: Date.now,
 },
 })
 
-userSchema.statics.checkRefreshToken = async (email, refresh) => {
+userSchema.statics.checkRefreshToken = async ({ email, sessionId, refreshToken }) => {
+ if (!email || !sessionId || !refreshToken) throw new Error('Wrong request')
+
 const user = await User.findOne({ email })
 
 if (!user) throw new Error('User not found')
 
- const isMatch = await bcrypt.compare(refresh, user.refresh)
+ console.log(user)
+
+ const session = user.sessions.find(s => s._id.toString() === sessionId)
+
+ if (!session) throw new Error('Session not found')
+
+ const isMatch = await bcrypt.compare(refreshToken, session.refreshToken)
 
 if (!isMatch) throw new Error('Wrong refresh token')
 
 return user
 }
 
-userSchema.statics.findByCredentials = async (email, password) => {
+userSchema.statics.newSession = async ({ email, password, device }) => {
 const user = await User.findOne({ email })
 
 if (!user) throw new Error('Unable to login')
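Review bot: `console.log(user)` in checkRefreshToken writes the whole user document to the process log on every refresh check, and on this schema that document carries the bcrypt password hash, the `verify` code and every session's hashed refresh token; it reads like leftover debugging and should be removed before merge. If a trace is wanted at that point, log only non-secret identifiers, for example `console.debug('refresh check', { userId: user._id, sessionId })`. Separately, in the new `sessions` subdocument (the schema object opens above the hunk) `refreshToken` is declared with `max: 1024, min: 6`, which in Mongoose are Number/Date validators and, as far as I know, are ignored on String paths; `minlength`/`maxlength`, as already used for `device`, would make the bound effective.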
@@ -65,22 +72,45 @@ userSchema.statics.findByCredentials = async (email, password) => {
 
 if (!isMatch) throw new Error('Unable to login')
 
- return user
+ const refreshToken = randomBytes(32).toString('hex')
+
+ user.sessions.push({ device, refreshToken: await bcrypt.hash(refreshToken, 8) })
+
+ const newUser = await user.save()
+
+ return { user: newUser, refreshToken }
 }
 
-userSchema.statics.newRefreshToken = async (user) => {
+userSchema.statics.refreshExistingToken = async ({ user, sessionId }) => {
 const newRefreshToken = randomBytes(32).toString('hex')
 
- user.refresh = newRefreshToken
+ const id = user.sessions.findIndex(s => s._id.toString() === sessionId);
+
+ if (!id) throw new Error('Wrong session id')
+
+ user.sessions[id].refreshToken = await bcrypt.hash(newRefreshToken, 8)
+
 await user.save()
 
 return newRefreshToken
 }
 
-userSchema.statics.removeRefreshToken = async (email) => (
- await User.findOneAndUpdate({ email }, { refresh: '' })
+userSchema.statics.removeSession = async ({ email, sessionId }) => (
+ await User.findOneAndUpdate(
+ { email },
+ { $pull: { sessions: { _id: sessionId } } },
+ { safe: true, multi: false }
+ )
 )
 
+userSchema.statics.getSessions = async ({ email }) => {
+ const user = await User.findOne({ email })
+
+ if (!user) throw new Error('User not found')
+
+ return user.sessions
+}
+
 userSchema.pre('save', async function(next){
 const user = this
 
@@ -88,10 +118,6 @@ userSchema.pre('save', async function(next){
 user.password = await bcrypt.hash(user.password, 8)
 }
 
- if (user.isModified('refresh')) {
- user.refresh = await bcrypt.hash(user.refresh, 8)
- }
-
 next()
 })
 
|
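Review bot: In refreshExistingToken the guard `if (!id)` tests the result of `findIndex` for falsiness, but `findIndex` returns -1 for no match and 0 for the first element, so a user's first session is always rejected with 'Wrong session id' while an unknown sessionId passes the guard and then fails on `user.sessions[-1].refreshToken` with a TypeError. The check should be `if (id === -1) throw new Error('Wrong session id')`. The rotated session also keeps its original `updatedAt`; if that field is meant to drive expiry or a last-used display, set `user.sessions[id].updatedAt = Date.now()` next to the token assignment. In the same hunk getSessions returns the raw subdocuments, hashed `refreshToken` included, so if a route serialises that result (the route is outside this diff) the hashes reach the client; returning only `_id`, `device` and `updatedAt` would avoid that.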