refresh endpoint

Author: jordicher

src/auth/controllers/auth.controller.ts

@@ -1,8 +1,9 @@
-import { Controller, Get, Post, Request, UseGuards } from '@nestjs/common';
+import { Controller, Get, Post, Req, Request, UseGuards } from '@nestjs/common';
 import { ApiBearerAuth, ApiBody, ApiTags } from '@nestjs/swagger';
 import { User } from '../../users/entities/user.entity';
 import { LoginDto } from '../dto/login.dto';
 import { JwtAuthGuard } from '../guards/jwt-auth.guard';
+import JwtRefreshGuard from '../guards/jwt-refresh.guard';
 import { LocalAuthGuard } from '../guards/local-auth.guard';
 import { AuthService } from '../services/auth.service';
 
@@ -25,4 +26,10 @@ export class AuthController {
   async logOut(@Request() req: { user: User }) {
     await this.authService.logout(req.user);
   }
+
+  @UseGuards(JwtRefreshGuard)
+  @Get('refresh')
+  refresh(@Req() request: { user: User }) {
+    return this.authService.jwtRefreshToken(request.user);
+  }
 }

src/auth/guards/jwt-refresh.guard.ts

@@ -0,0 +1,5 @@
+import { Injectable } from '@nestjs/common';
+import { AuthGuard } from '@nestjs/passport';
+
+@Injectable()
+export default class JwtRefreshGuard extends AuthGuard('jwt-refresh-token') {}

src/auth/services/auth.service.ts

@@ -46,6 +46,7 @@ export class AuthService {
       accessToken,
       user: userData,
       cookie,
+      refreshToken,
     };
   }
 
@@ -60,10 +61,6 @@ export class AuthService {
   jwtRefreshToken(user: User) {
     const payload: PayloadToken = { role: user.role, id: user.id };
 
-    console.log(
-      this.configService.get('JWT_REFRESH_SECRET'),
-      this.configService.get('REFRESH_TOKEN_EXPIRATION'),
-    );
     const refreshToken = this.jwtService.sign(payload, {
       secret: this.configService.get('JWT_REFRESH_SECRET'),
       expiresIn: `${this.configService.get('REFRESH_TOKEN_EXPIRATION')}`,

src/auth/strategies/jwt-refresh.strategy.ts

@@ -0,0 +1,36 @@
+import { Injectable } from '@nestjs/common';
+import { ConfigService } from '@nestjs/config';
+import { PassportStrategy } from '@nestjs/passport';
+import { Request } from 'express';
+import { ExtractJwt, Strategy } from 'passport-jwt';
+import { UsersService } from '../../users/services/users.service';
+import { PayloadToken } from '../models/token.model';
+
+@Injectable()
+export class JwtRefreshTokenStrategy extends PassportStrategy(
+  Strategy,
+  'jwt-refresh-token',
+) {
+  constructor(
+    private readonly configService: ConfigService,
+    private readonly userService: UsersService,
+  ) {
+    super({
+      jwtFromRequest: ExtractJwt.fromExtractors([
+        (request: Request) => {
+          return request?.cookies?.Refresh;
+        },
+      ]),
+      secretOrKey: configService.get('JWT_REFRESH_TOKEN_SECRET'),
+      passReqToCallback: true,
+    });
+  }
+
+  async validate(request: Request, payload: PayloadToken) {
+    const refreshToken = request.cookies?.Refresh;
+    return this.userService.getUserIfRefreshTokenMatches(
+      refreshToken,
+      payload.id,
+    );
+  }
+}

src/users/services/users.service.ts

@@ -55,7 +55,6 @@ export class UsersService {
 
   async setCurrentRefreshToken(refreshToken: string, userId: number) {
     const currentHashedRefreshToken = await bcrypt.hash(refreshToken, 10);
-    console.log(currentHashedRefreshToken, userId);
     return await this.userRepository.update(userId, {
       refreshToken: currentHashedRefreshToken,
     });
@@ -71,4 +70,17 @@ export class UsersService {
       },
     );
   }
+
+  async getUserIfRefreshTokenMatches(refreshToken: string, userId: number) {
+    const user = await this.findById(userId);
+
+    const isRefreshTokenMatching = await bcrypt.compare(
+      refreshToken,
+      user.refreshToken,
+    );
+
+    if (isRefreshTokenMatching) {
+      return user;
+    }
+  }
 }