improve token generation

SrGooglo 2023-04-08 22:28:24 +00:00
parent 91d7ae8c4a
commit 0bc7776564
3 changed files with 28 additions and 23 deletions


@ -18,7 +18,13 @@ export default {
})
}
const token = await Token.createNewAuthToken(user, options)
const token = await Token.createNewAuthToken({
username: user.username,
user_id: user._id.toString(),
ip_address: req.headers["x-forwarded-for"].split(",")[0] || req.socket.remoteAddress,
client: req.headers["user-agent"],
signLocation: global.signLocation,
}, options)
return res.json({ token: token })
})(req, res)
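Review bot: The new `ip_address` line calls `.split(",")` on `req.headers["x-forwarded-for"]` before the `||` fallback is evaluated, so a request that arrives without that header throws a TypeError and never reaches `req.socket.remoteAddress`. Guard the lookup, for example `ip_address: req.headers["x-forwarded-for"]?.split(",")[0]?.trim() || req.socket.remoteAddress,`. The header is also chosen by the client unless a trusted reverse proxy overwrites it, and the leftmost entry is the part a client controls, so the value stored with the session should be treated as informational unless the deployment guarantees otherwise; the proxy setup is not visible here. The enclosing handler starts and ends outside the hunk.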


@ -1,7 +1,7 @@
import jwt from "jsonwebtoken"
import { Session, RegenerationToken } from "../../models"
import { Session, RegenerationToken } from "@models"
export async function regenerateSession(expiredToken, refreshToken) {
export async function regenerateSession(expiredToken, refreshToken, aggregateData = {}) {
// search for a regeneration token with the expired token (Should exist only one)
const regenerationToken = await RegenerationToken.findOne({ refreshToken: refreshToken })
@ -60,7 +60,12 @@ export async function regenerateSession(expiredToken, refreshToken) {
}
// generate a new token
const newToken = await createNewAuthToken(decodedExpiredToken, {
const newToken = await createNewAuthToken({
username: decodedExpiredToken.username,
session_uuid: session.session_uuid,
user_id: decodedExpiredToken.user_id,
ip_address: aggregateData.ip_address,
}, {
updateSession: session._id,
})
@ -121,18 +126,7 @@ export async function createNewRegenerationToken(expiredToken) {
return regenerationToken
}
export async function createNewAuthToken(user, options = {}) {
const payload = {
user_id: user._id ?? user.user_id,
username: user.username,
email: user.email,
signLocation: global.signLocation,
}
return await signNewAuthToken(payload, options)
}
export async function signNewAuthToken(payload, options = {}) {
export async function createNewAuthToken(payload, options = {}) {
if (options.updateSession) {
const sessionData = await Session.findOne({ _id: options.updateSession })
@ -141,7 +135,12 @@ export async function signNewAuthToken(payload, options = {}) {
payload.session_uuid = global.nanoid()
}
const token = jwt.sign(payload, global.jwtStrategy.secretOrKey, {
const token = jwt.sign({
session_uuid: payload.session_uuid,
username: payload.username,
user_id: payload.user_id,
signLocation: payload.signLocation,
}, global.jwtStrategy.secretOrKey, {
expiresIn: global.jwtStrategy.expiresIn ?? "1h",
algorithm: global.jwtStrategy.algorithm ?? "HS256"
})
@ -151,16 +150,14 @@ export async function signNewAuthToken(payload, options = {}) {
session_uuid: payload.session_uuid,
username: payload.username,
user_id: payload.user_id,
location: payload.signLocation,
ip_address: payload.ip_address,
client: payload.client,
date: new Date().getTime(),
location: payload.signLocation ?? "rs-auth",
}
if (options.updateSession) {
await Session.findByIdAndUpdate(options.updateSession, {
token: session.token,
date: session.date,
location: session.location,
})
await Session.findByIdAndUpdate(options.updateSession, session)
} else {
let newSession = new Session(session)
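Review bot: `Session.findByIdAndUpdate(options.updateSession, session)` in the last hunk now writes every field of `session` on regeneration, where the previous call wrote only `token`, `date` and `location`. On that path `username` and `user_id` come from `decodedExpiredToken`, and the payload built in `regenerateSession` carries no `client` or `signLocation`, so the stored record may have its identity fields rewritten from token contents and its `client` and `location` replaced by missing or fallback values; how `decodedExpiredToken` is verified is outside the hunk. I would keep the explicit field list and extend it with `ip_address: session.ip_address,` and, when the caller supplies one, `client: session.client,`. The `session` object and `createNewAuthToken` both begin outside the hunk.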


@ -8,5 +8,7 @@ export default {
user_id: { type: String, required: true },
date: { type: Number, default: 0 },
location: { type: String, default: "Unknown" },
ip_address: { type: String, default: "Unknown" },
client: { type: String, default: "Unknown" },
}
}
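Review bot: `client` and `ip_address` are declared as plain `String` fields with no length bound, and the first file in this commit fills them directly from the `User-Agent` and `X-Forwarded-For` request headers, which the client chooses. A cap such as `client: { type: String, default: "Unknown", maxlength: 512 },` (512 is an example value) would bound what is stored per session. If this is a Mongoose schema, update calls skip validators unless `runValidators` is set, so truncating where the header is read may be needed as well. Anything that later displays these fields should treat them as untrusted text.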