handle expired token and return new token

This commit is contained in:
Javier Segarra 2023-11-04 14:39:26 +01:00
parent 82ee4f6e5b
commit 8c6eab23e5
3 changed files with 30 additions and 12 deletions

View File

@ -0,0 +1,7 @@
module.exports = async(token, accessTokenConfig) => {
const now = new Date();
const differenceMilliseconds = now - token.created;
const differenceSeconds = Math.floor(differenceMilliseconds / 1000);
return differenceSeconds > accessTokenConfig.renewPeriod - accessTokenConfig.courtesyTime;
};

View File

@ -1,5 +1,12 @@
const UserError = require('vn-loopback/util/user-error'); const UserError = require('vn-loopback/util/user-error');
const handlePromiseLogout = (Self, {id}, courtesyTime = 60) => {
new Promise(res => {
setTimeout(() => {
res(Self.logout(id));
}
, courtesyTime * 1000);
});
};
module.exports = Self => { module.exports = Self => {
Self.remoteMethodCtx('renewToken', { Self.remoteMethodCtx('renewToken', {
description: 'Checks if the token has more than renewPeriod seconds to live and if so, renews it', description: 'Checks if the token has more than renewPeriod seconds to live and if so, renews it',
@ -19,17 +26,16 @@ module.exports = Self => {
const models = Self.app.models; const models = Self.app.models;
const token = ctx.req.accessToken; const token = ctx.req.accessToken;
const now = new Date(); // Check if current token is valid
const differenceMilliseconds = now - token.created; const isValid = await Self.validateToken(token);
const differenceSeconds = Math.floor(differenceMilliseconds / 1000); if (!isValid) throw new UserError(`The renew period has not been exceeded`, 'periodNotExceeded');
const fields = ['courtesyTime'];
const {courtesyTime} = await models.AccessTokenConfig.findOne({fields});
const fields = ['renewPeriod', 'courtesyTime']; // Schedule to remove current token
const accessTokenConfig = await models.AccessTokenConfig.findOne({fields}); handlePromiseLogout(Self, token, courtesyTime);
if (differenceSeconds < accessTokenConfig.renewPeriod - accessTokenConfig.courtesyTime) // Create new accessToken
throw new UserError(`The renew period has not been exceeded`, 'periodNotExceeded');
await Self.logout(token.id);
const user = await Self.findById(token.userId); const user = await Self.findById(token.userId);
const accessToken = await user.createAccessToken(); const accessToken = await user.createAccessToken();

View File

@ -1,3 +1,5 @@
const isTokenValid = require('./is-token-valid');
module.exports = Self => { module.exports = Self => {
Self.remoteMethod('validateToken', { Self.remoteMethod('validateToken', {
description: 'Validates the current logged user token', description: 'Validates the current logged user token',
@ -11,7 +13,10 @@ module.exports = Self => {
} }
}); });
Self.validateToken = async function() { Self.validateToken = async function(token) {
return true; const fields = ['renewPeriod', 'courtesyTime'];
const accessTokenConfig = await Self.app.models.AccessTokenConfig.findOne({fields});
const isValid = await isTokenValid(token, accessTokenConfig);
return isValid;
}; };
}; };