author | 2020-11-22 23:13:23 +0100 | |
---|---|---|
committer | 2020-11-22 23:13:23 +0100 | |
commit | 6adb6ece4ce856acc56e3eab07b39cf8df594587 (patch) | |
tree | 107c20839e96264dc1f5e7abab698dd869f22128 | |
parent | 2f03b301d0c71524691871b9d03cdb5b9ad3e436 (diff) | |
download | website_creator-6adb6ece4ce856acc56e3eab07b39cf8df594587.tar.gz website_creator-6adb6ece4ce856acc56e3eab07b39cf8df594587.tar.bz2 website_creator-6adb6ece4ce856acc56e3eab07b39cf8df594587.zip |
fixed redirect Login middleware
-rwxr-xr-x | app.js | 4 | ||||
-rw-r--r-- | server/db/mongoose.js | 2 | ||||
-rw-r--r-- | server/middleware/auth.js | 3 | ||||
-rw-r--r-- | server/middleware/redirectIfLoggedIn.js | 25 | ||||
-rw-r--r-- | server/middleware/redirectLogged.js | 46 |
5 files changed, 50 insertions, 30 deletions
@@ -7,7 +7,7 @@ require('./server/db/mongoose');
 const setCookie = require('./server/helpers/setCookie');
 const userRoutes = require('./server/routes/user');
 const auth = require('./server/middleware/auth');
-const redirectIfLoggedIn = require('./server/middleware/redirectIfLoggedIn');
+const redirectLogged = require('./server/middleware/redirectLogged');
 const app = express();
 const port = process.env.PORT || 3000;
@@ -23,7 +23,7 @@ app.use('/admin/', auth, express.static(
 { setHeaders: setCookie }
 ));
-app.use('/login/', redirectIfLoggedIn, express.static(
+app.use('/login/', redirectLogged, express.static(
 path.join(__dirname, 'client/login')
 ));
diff --git a/server/db/mongoose.js b/server/db/mongoose.js
index 9b89c14..8dde175 100644
--- a/server/db/mongoose.js
+++ b/server/db/mongoose.js
@@ -6,5 +6,5 @@ mongoose.connect(
 useNewUrlParser: true,
 useCreateIndex: true,
 },
- () => console.log('connected to DB')
+ () => console.log('Successfully connected to DB.')
 );
diff --git a/server/middleware/auth.js b/server/middleware/auth.js
index bec113d..5c77830 100644
--- a/server/middleware/auth.js
+++ b/server/middleware/auth.js
@@ -17,7 +17,6 @@ const auth = async (req, res, next) => {
 } catch(er) {
 if (er.message && er.message === 'jwt expired') {
 const { _id, ref } = jwt.decode(token, process.env.JWT_SECRET);
- console.log('reading db to login')
 const user = await User.findById(_id);
 if (!user) {
@@ -27,7 +26,7 @@ const auth = async (req, res, next) => {
 if (user.sessions.filter(s => s.ref === ref).length > 0) {
 req.userId = _id;
 req.refreshToken = ref;
- req.newToken = await user.generateJwtToken(res.req.refreshToken);;
+ req.newToken = await user.generateJwtToken(ref);;
 return next();
 }
diff --git a/server/middleware/redirectIfLoggedIn.js b/server/middleware/redirectIfLoggedIn.js
deleted file mode 100644
index fe793f7..0000000
--- a/server/middleware/redirectIfLoggedIn.js
+++ /dev/null
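Review bot: In server/db/mongoose.js the callback passed to `mongoose.connect` takes no argument, so the new message 'Successfully connected to DB.' is printed even when the connection attempt fails, since Mongoose hands any connection error to that callback as its first parameter. Accepting the error and branching on it keeps the log truthful: `(err) => err ? console.error('DB connection failed:', err.message) : console.log('Successfully connected to DB.')`. The `mongoose.connect(` call itself starts above the hunk, so the URI and the rest of the options are not visible here.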
@@ -1,25 +0,0 @@
-const jwt = require('jsonwebtoken');
-const User = require('../models/User');
-
-const redirectIfLoggedIn = async (req, res, next) => {
- try {
- const token = req.cookies.token || '';
-
- if (!token) {
- throw new Error();
- }
-
- const decoded = jwt.verify(token, process.env.JWT_SECRET);
- const user = await User.findOne({ _id: decoded._id, 'tokens.token': token });
-
- if (!user) {
- throw new Error();
- }
-
- res.redirect('/admin');
- } catch (err) {
- next();
- }
-};
-
-module.exports = redirectIfLoggedIn;
diff --git a/server/middleware/redirectLogged.js b/server/middleware/redirectLogged.js
new file mode 100644
index 0000000..40a5657
--- /dev/null
+++ b/server/middleware/redirectLogged.js
@@ -0,0 +1,46 @@
+const jwt = require('jsonwebtoken');
+const User = require('../models/User');
+
+const redirectLogged = async (req, res, next) => {
+ try {
+ const token = req.cookies.token || '';
+
+ if (!token) {
+ throw new Error();
+ }
+
+ try {
+ const decoded = jwt.verify(token, process.env.JWT_SECRET);
+ res.redirect('/admin');
+ } catch(er) {
+ if (er.message && er.message === 'jwt expired') {
+ const { _id, ref } = jwt.decode(token, process.env.JWT_SECRET);
+ const user = await User.findById(_id);
+
+ if (!user) {
+ throw new Error();
+ }
+
+ if (user.sessions.filter(s => s.ref === ref).length > 0) {
+ const newToken = await user.generateJwtToken(ref);;
+ res
+ .cookie('token', token, {
+ maxAge: parseInt(process.env.COOKIE_MAX_AGE),
+ secure: false,
+ httpOnly: true,
+ })
+ .redirect('/admin');
+ }
+
+ throw new Error();
+ }
+
+ throw new Error();
+ }
+ } catch (err) {
+ return next();
+ }
+
+};
+
+module.exports = redirectLogged; |
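Review bot: In the refresh branch of the new server/middleware/redirectLogged.js the cookie is written from `token`, the expired JWT, rather than the freshly issued `newToken`, and the chained `.redirect('/admin')` is not returned, so control falls through to `throw new Error()` and the outer catch calls `next()` after the response has already been sent. The branch also keys on the string `er.message === 'jwt expired'` and reads the claims with `jwt.decode`, which performs no signature check and takes options rather than a secret as its second argument; `er instanceof jwt.TokenExpiredError` with `jwt.verify(..., { ignoreExpiration: true })` keeps the signature check explicit, and the same decode pattern appears in the context lines of server/middleware/auth.js. `secure: false` allows the session cookie to travel over plain HTTP and should be true outside local development, `sameSite` is left unset, and `parseInt` is called without a radix. The valid-token path now redirects without the database lookup that the deleted redirectIfLoggedIn performed, so a token whose session was revoked would presumably still be sent to /admin, and `decoded` is unused.

```javascript
    } catch (er) {
      if (er instanceof jwt.TokenExpiredError) {
        // Skip only the expiry check; the signature is still verified here.
        const { _id, ref } = jwt.verify(token, process.env.JWT_SECRET, {
          ignoreExpiration: true,
        });
        // … unchanged: User.findById(_id) and the !user check …

        if (user.sessions.some(s => s.ref === ref)) {
          const newToken = await user.generateJwtToken(ref);
          // Return so the fall-through throw (and next()) never runs after the redirect.
          return res
            .cookie('token', newToken, {
              maxAge: parseInt(process.env.COOKIE_MAX_AGE, 10),
              // … unchanged: secure / httpOnly options (see note on secure) …
            })
            .redirect('/admin');
        }
        // … unchanged: throw new Error() fall-throughs …
```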