-rw-r--r-- | server/models/Session.js | 20 | ||||
-rw-r--r-- | server/models/User.js | 19 | ||||
-rw-r--r-- | server/routes/user.js | 5 |
3 files changed, 32 insertions, 12 deletions
diff --git a/server/models/Session.js b/server/models/Session.js
new file mode 100644
index 0000000..c410bb9
--- /dev/null
+++ b/server/models/Session.js
@@ -0,0 +1,20 @@
+const mongoose = require("mongoose");
+
+const sessionSchema = new mongoose.Schema({
+ user: {
+ type : mongoose.Schema.Types.ObjectId,
+ ref : 'User'
+ },
+ refreshToken: {
+ type: String,
+ required: true
+ },
+ lastAccess: {
+ type: Date,
+ default: Date.now(),
+ index: { expires: 90 }
+ }
+});
+
+module.exports = mongoose.model('Session', sessionSchema);
+
diff --git a/server/models/User.js b/server/models/User.js
index 8cc9c4c..ef3d94e 100644
--- a/server/models/User.js
+++ b/server/models/User.js
@@ -2,6 +2,7 @@ const mongoose = require("mongoose");
 const bcrypt = require('bcryptjs');
 const randtoken = require('rand-token');
 const jwt = require('jsonwebtoken');
+const Session = require('./Session');
 const userSchema = new mongoose.Schema({
 email: {
@@ -24,24 +25,18 @@ const userSchema = new mongoose.Schema({
 min: 4,
 max: 1024,
 },
- sessions: [{
- ref: {
- type: String,
- required: true
- }
- }]
 });
-userSchema.methods.generateJwtToken = async function (currentRef) {
- const ref = currentRef ? currentRef : randtoken.uid(256);
+userSchema.methods.generateJwtToken = async function (currentRefToken) {
+ const refreshToken = currentRefToken ? currentRefToken : randtoken.uid(256);
- if (!currentRef) {
- this.sessions = this.sessions.concat({ ref });
- this.save();
+ if (!currentRefToken) {
+ const session = new Session({ user: this, refreshToken });
+ await session.save();
 }
 return jwt.sign(
- { _id: this._id.toString(), ref },
+ { _id: this._id.toString(), refreshToken },
 process.env.JWT_SECRET,
 { expiresIn: parseInt(process.env.JWT_TOKEN_MAX_AGE) }
 );
diff --git a/server/routes/user.js b/server/routes/user.js
index 91bc0f1..f2420ab 100644
--- a/server/routes/user.js
+++ b/server/routes/user.js
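Review bot: In server/models/Session.js, `default: Date.now()` on `lastAccess` calls the function once when the schema is defined, so every session is stamped with the process start time rather than its own creation time. Combined with the TTL index (`index: { expires: 90 }`, which Mongoose reads as seconds), a session created more than 90 seconds after startup is already eligible for removal as soon as it is saved. Pass the function itself, `default: Date.now`, and confirm that 90 seconds is the intended session lifetime. The `refreshToken` field also stores the bearer value verbatim; storing only a hash of it and comparing hashes on refresh would keep a read of the collection from yielding usable tokens.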
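Review bot: In the second server/models/User.js hunk, `jwt.sign({ _id: this._id.toString(), refreshToken }, ...)` places the refresh token inside the access token's payload, which is signed but not encrypted, so anyone who can read the access token can also read the longer-lived credential. Now that a Session document exists, the payload could carry an opaque session identifier instead and the refresh token could stay server-side or in its own HttpOnly cookie; how the token is consumed is not visible here, so check this against the refresh path. Separately, `parseInt(process.env.JWT_TOKEN_MAX_AGE)` has no radix and yields NaN when the variable is unset; `Number.parseInt(process.env.JWT_TOKEN_MAX_AGE, 10)` together with a startup check would make a missing value fail loudly. The end of `generateJwtToken` lies outside the hunk.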
@@ -5,6 +5,11 @@ const jwt = require('jsonwebtoken');
 router.get('/me', auth, async (req, res) => {
 const user = await User.findById(req.userId);
+
+ if (!user) {
+ res.clearCookie('token').redirect('/login');
+ }
+
 res.json({ email: user.email });
 })
|
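Review bot: The added `if (!user)` branch does not return, so after `res.clearCookie('token').redirect('/login')` the handler still reaches `res.json({ email: user.email })` with `user` null and throws a TypeError after the response has already been sent. Change the line to `return res.clearCookie('token').redirect('/login');`. Because the handler is async and has no try/catch, that rejection is probably unhandled as well (inferred, since the Express version and any error middleware are not visible). It is also worth checking that `clearCookie` is passed the same path and domain options used when the `token` cookie was set, otherwise the stale cookie stays in the browser.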