fix the refresh token

Sma1lboy · Feb 5, 2025 · bfe31c0 · bfe31c0
1 parent a87f9c4
commit bfe31c0
Show file tree

Hide file tree

Showing 6 changed files with 14,681 additions and 5,213 deletions.
diff --git a/backend/database.db b/backend/database.db
diff --git a/backend/src/auth/auth.service.ts b/backend/src/auth/auth.service.ts
@@ -17,6 +17,13 @@ import { CheckTokenInput } from './dto/check-token.input';
 import { JwtCacheService } from 'src/auth/jwt-cache.service';
 import { Menu } from './menu/menu.model';
 import { Role } from './role/role.model';
+import { RefreshToken } from './refresh-token/refresh-token.model';
+import { randomUUID } from 'crypto';
+
+interface AuthResponse {
+  accessToken: string;
+  refreshToken: string;
+}
 
 @Injectable()
 export class AuthService {
@@ -57,7 +64,7 @@ export class AuthService {
 
   async login(
     loginUserInput: LoginUserInput,
-  ): Promise<{ accessToken: string }> {
+  ): Promise<AuthResponse> {
     const { username, password } = loginUserInput;
 
     const user = await this.userRepository.findOne({
@@ -78,18 +85,22 @@ export class AuthService {
     const accessToken = this.jwtService.sign(payload);
     this.jwtCacheService.storeToken(accessToken);
 
-    const refreshToken = this.jwtService.sign(payload, {
-      expiresIn: '1d',
-    });
+    const refreshToken = await this.createRefreshToken(user);
+
+    return { 
+      accessToken, 
+      refreshToken: refreshToken.token 
+    };
+  }
 
-    const refreshTokenEntity = this.refreshTokenRepository.create({
-      token: refreshToken,
-      userId: user.id,
+  private async createRefreshToken(user: User): Promise<RefreshToken> {
+    const refreshToken = this.refreshTokenRepository.create({
+      user,
+      token: randomUUID(),
       expiresAt: new Date(Date.now() + 7 * 24 * 60 * 60 * 1000), // 7 days
     });
-    await this.refreshTokenRepository.save(refreshTokenEntity);
 
-    return { accessToken, refreshToken };
+    return this.refreshTokenRepository.save(refreshToken);
   }
 
   async validateToken(params: CheckTokenInput): Promise<boolean> {

diff --git a/backend/src/auth/refresh-token/refresh-token.model.ts b/backend/src/auth/refresh-token/refresh-token.model.ts
@@ -0,0 +1,26 @@
+import { Entity, Column, PrimaryGeneratedColumn, ManyToOne, CreateDateColumn } from 'typeorm';
+import { User } from '../../user/user.model';
+
+@Entity()
+export class RefreshToken {
+  @PrimaryGeneratedColumn('uuid')
+  id: string;
+
+  @Column()
+  token: string;
+
+  @Column()
+  expiresAt: Date;  // Handles token expiration
+
+  @ManyToOne(() => User, { onDelete: 'CASCADE' })
+  user: User;
+
+  @Column()
+  userId: number;
+
+  @CreateDateColumn()
+  createdAt: Date;
+
+  @Column({ default: false })
+  revoked: boolean;
+}
diff --git a/frontend/package.json b/frontend/package.json
@@ -33,6 +33,7 @@
     "@radix-ui/react-separator": "^1.1.1",
     "@radix-ui/react-slot": "^1.1.1",
     "@radix-ui/react-tooltip": "^1.1.6",
+    "@radix-ui/react-visually-hidden": "^1.1.1",
     "@types/dom-speech-recognition": "^0.0.4",
     "class-variance-authority": "^0.7.1",
     "clsx": "^2.1.1",

diff --git a/frontend/src/components/AuthChoiceModal.tsx b/frontend/src/components/AuthChoiceModal.tsx
@@ -18,6 +18,7 @@ export function AuthChoiceModal({
   return (
     <Dialog open={isOpen} onOpenChange={onClose}>
       <DialogContent className="sm:max-w-[425px] fixed top-[50%] left-[50%] transform -translate-x-[50%] -translate-y-[50%]">
+
         <BackgroundGradient className="rounded-[22px] p-4 bg-white dark:bg-zinc-900">
           <div className="w-full p-6 space-y-6">
             <h2 className="text-2xl font-semibold text-center dark:text-white">