const router = require('express').Router()
const { randomBytes } = require('crypto')
const createJwt = require('../helpers/createJwt')
const User = require('../model/User')
// Alive: unauthenticated probe that only reports the service is running.
router.get('/', (_req, res) => {
  return res.send('Auth service is up.')
})
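// Register
//
// Creates a user with a single initial session and replies 201 with the
// session id, a JWT built by createJwt, and the new refresh token.
// Error mapping: err._message present -> 422, err.code 11000 -> 409,
// anything else -> 400.
router.post('/register', async (req, res) => {
  try {
    // Everything that can throw lives inside the try: a missing req.body (no
    // body parser ran) or a randomBytes failure is answered with the 400 below
    // instead of escaping the async handler as an unhandled rejection.
    const refreshToken = randomBytes(32).toString('hex') // 32 CSPRNG bytes, hex-encoded

    // NOTE(review): email, password and device go to the model exactly as
    // received. Password hashing and field validation are presumably done by
    // the User schema; confirm, and confirm whether the refresh token is
    // stored hashed or in the clear.
    const newUser = new User({
      email: req.body.email,
      password: req.body.password,
      sessions: [{
        device: req.body.device,
        refreshToken,
      }],
    })

    const user = await newUser.save()
    const sessionId = user.sessions[0]._id
    const jwtToken = createJwt(user, sessionId)
    res.status(201).send({ sessionId, jwtToken, refreshToken })
  } catch (err) {
    if (err._message) {
      // NOTE(review): presumably the model's validation summary; confirm it
      // never echoes submitted field values back to the client.
      res.status(422).send({ error: err._message })
    } else if (err.code === 11000) {
      // Presumably the database's duplicate-key code (TODO confirm). This
      // reply tells the caller the email is already registered.
      res.status(409).send({ error: 'User with this email already exist' })
    } else {
      res.status(400).send({ error: 'Could not save the user' })
    }
  }
})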
// Login
//
// Delegates credential checking and session creation to User.newSession and
// replies 202 with the newest session's id, a JWT and the refresh token.
// Any failure is reported as a generic 401.
router.post('/login', async (req, res) => {
  try {
    // NOTE(review): the whole request body is handed to the model; confirm
    // newSession type-checks the fields it reads before using them in a query.
    const created = await User.newSession(req.body)
    const account = created.user
    const refreshToken = created.refreshToken

    // The last entry in the sessions array is taken as the session to report.
    const lastIndex = account.sessions.length - 1
    const sessionId = account.sessions[lastIndex]._id
    const jwtToken = createJwt(account, sessionId)

    res.status(202).send({ sessionId, jwtToken, refreshToken })
  } catch (err) {
    // Same reply for every failure, so the response does not reveal which
    // step failed.
    res.status(401).send({ error: 'Could not log in.' })
  }
})
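// Refresh token
//
// Checks the presented refresh token through User.checkRefreshToken, obtains
// a refresh token from User.refreshExistingToken, and replies 201 with the
// session id, a new JWT and that refresh token. Any failure is logged and
// reported as a generic 401.
router.post('/refresh', async (req, res) => {
  try {
    const { sessionId } = req.body

    // A session id from a JSON body must be a plain string. Rejecting objects
    // and arrays here keeps operator-shaped values away from the model
    // lookups and out of the JWT.
    if (typeof sessionId !== 'string') throw new Error('sessionId must be a string')

    const user = await User.checkRefreshToken(req.body)
    if (!user) throw new Error('checkRefreshToken found no user')

    const refreshToken = await User.refreshExistingToken({ user, sessionId })
    if (!refreshToken) throw new Error('refreshExistingToken returned no token')

    // Pass the session id as /register and /login do, so the refreshed JWT is
    // built from the same inputs as the one it replaces.
    const jwtToken = createJwt(user, sessionId)
    res.status(201).send({ sessionId, jwtToken, refreshToken })
  } catch (err) {
    // Details stay in the server log; the client gets only the generic message.
    console.log(err)
    res.status(401).send({ error: 'Could not refresh token' })
  }
})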
// Expose the router, with the /, /register, /login and /refresh routes, as this module's export.
module.exports = router