Merge branch 'feature/#88-refresh-auth-token' of github.com:keen-studio/payload

2020-03-29 19:21:05 -04:00
parent c9e209a2d8 509031bbfe
commit dacbd398c3
2 changed files with 45 additions and 8 deletions
--- a/src/auth/requestHandlers.js
+++ b/src/auth/requestHandlers.js
@@ -20,7 +20,11 @@ module.exports = (userConfig, User) => ({
        return next(error);
      }
      return passport.authenticate('local')(req, res, () => {
-        return res.json({ [usernameField]: user[usernameField], role: user.role, createdAt: user.createdAt });
+        return res.json({
+          [usernameField]: user[usernameField],
+          role: user.role,
+          createdAt: user.createdAt
+        });
      });
    });
  },
@@ -37,10 +41,12 @@ module.exports = (userConfig, User) => ({
    const { password } = req.body;

    User.findByUsername(username, (err, user) => {
-      if (err || !user) return res.status(401).json({ message: 'Auth Failed' });
+      if (err || !user) {
+        return new APIError('Authentication Failed', httpStatus.UNAUTHORIZED);
+      }

      return user.authenticate(password, (authErr, model, passwordError) => {
-        if (authErr || passwordError) return res.status(401).json({ message: 'Auth Failed' });
+        if (authErr || passwordError) return new APIError('Authentication Failed', httpStatus.UNAUTHORIZED);

        const opts = {};
        opts.expiresIn = process.env.tokenExpiration || 7200;
@@ -54,14 +60,40 @@ module.exports = (userConfig, User) => ({
        });

        const token = jwt.sign(fieldsToSign, secret, opts);
-        return res.status(200).json({
-          message: 'Auth Passed',
-          token,
-        });
+        return res.status(200)
+          .json({
+            message: 'Auth Passed',
+            token,
+          });
      });
    });
  },

+  /**
+   * Refresh an expired or soon to be expired auth token
+   * @param req
+   * @param res
+   * @param next
+   */
+  refresh: (req, res, next) => {
+    const { token } = req.body;
+    const secret = process.env.secret || 'SECRET_KEY';
+    const opts = {};
+    opts.expiresIn = process.env.tokenExpiration || 7200;
+
+    try {
+      jwt.verify(token, secret, {});
+      const refreshToken = jwt.sign(token, secret);
+      res.status(200)
+        .json({
+          message: 'Token Refresh Successful',
+          refreshToken,
+        });
+    } catch (e) {
+      next(new APIError('Authentication error', httpStatus.UNAUTHORIZED));
+    }
+  },
+
  /**
   * Returns User if user session is still open
   * @param req
@@ -69,7 +101,8 @@ module.exports = (userConfig, User) => ({
   * @returns {*}
   */
  me: (req, res) => {
-    return res.status(200).send(req.user);
+    return res.status(200)
+      .send(req.user);
  },

  /**
--- a/src/auth/routes.js
+++ b/src/auth/routes.js
@@ -13,6 +13,10 @@ const authRoutes = (userConfig, User) => {
    .route('/login')
    .post(auth.login);

+  router
+    .route('/refresh')
+    .post(auth.refresh);
+
  router
    .route('/me')
    .post(passport.authenticate(userConfig.auth.strategy, { session: false }), auth.me);