authorGravatar Piotr Russ <mail@pruss.it> 2020-11-22 13:49:09 +0100
committerGravatar Piotr Russ <mail@pruss.it> 2020-11-22 13:49:09 +0100
commit4569b85489e863465395f84e995dd3fdc44471b4 (patch)
tree6e4d27883809c94c8b3f3b87159d85c7f3874bbd /server/models/User.js
parent81ddf9b700bc48a1f8e472209f080f9c1d9a9b09 (diff)
implement refresh tokens
Diffstat (limited to 'server/models/User.js')
-rw-r--r--server/models/User.js31
1 files changed, 23 insertions, 8 deletions
diff --git a/server/models/User.js b/server/models/User.js
index 4fa6ffe..e777878 100644
--- a/server/models/User.js
+++ b/server/models/User.js
@@ -1,5 +1,6 @@
const mongoose = require("mongoose");
const bcrypt = require('bcryptjs');
+const randtoken = require('rand-token');
const jwt = require('jsonwebtoken');
const userSchema = new mongoose.Schema({
@@ -23,22 +24,36 @@ const userSchema = new mongoose.Schema({
min: 4,
max: 1024,
},
- tokens: [{
- token: {
+ sessions: [{
+ ref: {
type: String,
required: true
}
}]
});
-userSchema.methods.generateAuthToken = async function () {
- const user = this;
- const token = jwt.sign({ _id: user._id.toString() }, 'replaceThisWithSecretString')
+userSchema.methods.generateJwtToken = async function (currentRef) {
+ const ref = currentRef ? currentRef : randtoken.uid(256);
+
+ if (!currentRef) {
+ this.sessions = this.sessions.concat({ ref });
+ this.save();
+ }
+
+ return jwt.sign(
+ { _id: this._id.toString(), ref },
+ 'replaceThisWithSecretString',
+ { expiresIn: 300 }
+ );
+}
- user.tokens = user.tokens.concat({ token });
- user.save();
+userSchema.methods.endSession = async function (ref) {
+ this.sessions = this.sessions.filter((session) => {
+ return session.ref !== ref;
+ });
- return token;
+ await this.save();
+ return null;
}
userSchema.statics.findByCredentials = async (email, password) => {
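Review bot: `generateJwtToken` signs a new JWT for any `currentRef` it is given without checking that the ref is still in `this.sessions`, so unless the caller (not visible in this hunk) does that lookup, a ref already removed by `endSession` could keep producing valid tokens; a guard such as `if (currentRef && !this.sessions.some((s) => s.ref === currentRef)) throw new Error('unknown session');` would enforce revocation in the model itself. In the new-session branch `this.save()` is not awaited, so the token is returned before the ref is persisted and a failed save surfaces as an unhandled rejection; `await this.save();` would match what `endSession` does. The signing key is still the literal `'replaceThisWithSecretString'`, which means anyone with access to the source can sign tokens the server accepts; it should be read from configuration, for example `process.env.JWT_SECRET` (placeholder name), with startup failing when it is unset.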