Diffstat (limited to 'server/middleware')
-rw-r--r-- | server/middleware/auth.js | 3 | ||||
-rw-r--r-- | server/middleware/redirectIfLoggedIn.js | 25 | ||||
-rw-r--r-- | server/middleware/redirectLogged.js | 46 |
3 files changed, 47 insertions, 27 deletions
diff --git a/server/middleware/auth.js b/server/middleware/auth.js
index bec113d..5c77830 100644
--- a/server/middleware/auth.js
+++ b/server/middleware/auth.js
@@ -17,7 +17,6 @@ const auth = async (req, res, next) => {
 } catch(er) {
 if (er.message && er.message === 'jwt expired') {
 const { _id, ref } = jwt.decode(token, process.env.JWT_SECRET);
- console.log('reading db to login')
 const user = await User.findById(_id);
 if (!user) {
@@ -27,7 +26,7 @@ const auth = async (req, res, next) => {
 if (user.sessions.filter(s => s.ref === ref).length > 0) {
 req.userId = _id;
 req.refreshToken = ref;
- req.newToken = await user.generateJwtToken(res.req.refreshToken);;
+ req.newToken = await user.generateJwtToken(ref);;
 return next();
 }
diff --git a/server/middleware/redirectIfLoggedIn.js b/server/middleware/redirectIfLoggedIn.js
deleted file mode 100644
index fe793f7..0000000
--- a/server/middleware/redirectIfLoggedIn.js
+++ /dev/null
@@ -1,25 +0,0 @@
-const jwt = require('jsonwebtoken');
-const User = require('../models/User');
-
-const redirectIfLoggedIn = async (req, res, next) => {
- try {
- const token = req.cookies.token || '';
-
- if (!token) {
- throw new Error();
- }
-
- const decoded = jwt.verify(token, process.env.JWT_SECRET);
- const user = await User.findOne({ _id: decoded._id, 'tokens.token': token });
-
- if (!user) {
- throw new Error();
- }
-
- res.redirect('/admin');
- } catch (err) {
- next();
- }
-};
-
-module.exports = redirectIfLoggedIn;
diff --git a/server/middleware/redirectLogged.js b/server/middleware/redirectLogged.js
new file mode 100644
index 0000000..40a5657
--- /dev/null
+++ b/server/middleware/redirectLogged.js
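Review bot: The new `req.newToken = await user.generateJwtToken(ref);;` line carries a stray second semicolon, and it mints a fresh token for a `ref` that was obtained via `jwt.decode`, which performs no signature check; that is only sound because jsonwebtoken's `verify` rejects a bad signature before it reports `jwt expired`, so a comment such as `// payload is trustworthy: verify() checked the signature before throwing TokenExpiredError` would protect this invariant against a future refactor that reorders or replaces the verify call. In the same file, `jwt.decode(token, process.env.JWT_SECRET)` passes the secret where the library expects an options object, so it is silently ignored and reads as if a verification were happening; `jwt.decode(token)` says what actually occurs. The enclosing `auth` function starts before and ends after this hunk.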
@@ -0,0 +1,46 @@
+const jwt = require('jsonwebtoken');
+const User = require('../models/User');
+
+const redirectLogged = async (req, res, next) => {
+ try {
+ const token = req.cookies.token || '';
+
+ if (!token) {
+ throw new Error();
+ }
+
+ try {
+ const decoded = jwt.verify(token, process.env.JWT_SECRET);
+ res.redirect('/admin');
+ } catch(er) {
+ if (er.message && er.message === 'jwt expired') {
+ const { _id, ref } = jwt.decode(token, process.env.JWT_SECRET);
+ const user = await User.findById(_id);
+
+ if (!user) {
+ throw new Error();
+ }
+
+ if (user.sessions.filter(s => s.ref === ref).length > 0) {
+ const newToken = await user.generateJwtToken(ref);;
+ res
+ .cookie('token', token, {
+ maxAge: parseInt(process.env.COOKIE_MAX_AGE),
+ secure: false,
+ httpOnly: true,
+ })
+ .redirect('/admin');
+ }
+
+ throw new Error();
+ }
+
+ throw new Error();
+ }
+ } catch (err) {
+ return next();
+ }
+
+};
+
+module.exports = redirectLogged;
|
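Review bot: The refresh branch computes `newToken` but then writes the old, expired `token` back into the cookie (`res.cookie('token', token, …)`), so the client never receives the renewed JWT and every later request repeats the expired-token path and the `User.findById` lookup. The `.redirect('/admin')` in that branch is also not returned, so execution falls through to the `throw new Error()` below it and the outer catch calls `next()` on a response whose headers have already been sent. While there: `secure: false` is hard-coded on a session cookie, `parseInt` has no radix, `decoded` is unused, and `jwt.decode`'s second argument is an options object rather than a secret, so `process.env.JWT_SECRET` there is ignored. Trusting the decoded `_id`/`ref` is only sound because jsonwebtoken verifies the signature before checking `exp`; that deserves a comment at the `jwt.decode` call, e.g. `// signature was already checked by verify(); only exp failed`.
```javascript
      // … unchanged: expired-token detection, jwt.decode and User.findById …
      if (user.sessions.some((s) => s.ref === ref)) {
        const newToken = await user.generateJwtToken(ref);
        // Return here: without it the throw below runs and the outer catch
        // calls next() after the redirect has already been sent.
        return res
          .cookie('token', newToken, {
            maxAge: Number.parseInt(process.env.COOKIE_MAX_AGE, 10),
            secure: process.env.NODE_ENV === 'production',
            httpOnly: true,
          })
          .redirect('/admin');
      }
      // … unchanged: fall-through throws and outer catch …
```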