diff --git a/src/accounts/logUserIn.js b/src/accounts/logUserIn.js
index e8f2dcd..a96ce25 100644
--- a/src/accounts/logUserIn.js
+++ b/src/accounts/logUserIn.js
@@ -1,5 +1,5 @@
 import { createSession } from './session.js'
-import { createTokens } from './tokens.js'
+import { refreshTokens } from './user.js'
 
 export async function logUserIn(userId, request, reply) {
 const connectionInformation = {
@@ -8,20 +8,8 @@ export async function logUserIn(userId, request, reply) {
 }
 // Create Session
 const sessionToken = await createSession(userId, connectionInformation)
+
 // Create JWT
- const { accessToken, refreshToken } = await createTokens(sessionToken, userId)
 // Set Cookie
- const now = new Date()
- // Get date, 30 days in the future
- const refreshExpires = now.setDate(now.getDate() + 30)
- reply.setCookie('refreshToken', refreshToken, {
- path: "/",
- domain: "localhost",
- httpOnly: true,
- expires: refreshExpires,
- }).setCookie('accessToken', accessToken, {
- path: "/",
- domain: "localhost",
- httpOnly: true,
- })
+ await refreshTokens(sessionToken, userId, reply)
 }
\ No newline at end of file
diff --git a/src/accounts/logUserOut.js b/src/accounts/logUserOut.js
new file mode 100644
index 0000000..3f3a865
--- /dev/null
+++ b/src/accounts/logUserOut.js
@@ -0,0 +1,21 @@
+import jwt from 'jsonwebtoken'
+
+const JWTSignature = process.env.JWT_SIGNATURE
+
+export async function logUserOut(request, reply) {
+ try {
+ const { session } = await import("../session/session.js")
+
+ if (request?.cookies?.refreshToken) {
+ const { refreshToken } = request.cookies
+ // Decode refresh token
+ const { sessionToken } = jwt.verify(refreshToken, JWTSignature)
+ // Delete database record for session
+ await session.deleteOne({ sessionToken })
+ }
+ // Remove cookies
+ reply.clearCookie('refreshToken').clearCookie('accessToken')
+ } catch (e) {
+ console.error(e);
+ }
+}
\ No newline at end of file
diff --git a/src/accounts/user.js b/src/accounts/user.js
index cffe381..f50c20e 100644
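Review bot: The cookie attributes that used to be visible here (`path: "/"`, a hard-coded `domain: "localhost"`, `httpOnly: true`, and a 30-day `expires` on the refresh token) now live in `refreshTokens` in `src/accounts/user.js`, which this diff does not show, so the new `await refreshTokens(sessionToken, userId, reply)` line cannot be reviewed for them. Worth confirming in that function that both cookies are still `httpOnly`, that `secure` and `sameSite` are set (the removed lines set neither), and that the domain comes from configuration rather than the literal `"localhost"`. Because the new `logUserOut` clears these cookies by name only, the `path`/`domain` used in `refreshTokens` also need to match what `clearCookie` sends, or the browser keeps the cookies. The rest of `logUserIn` (the `connectionInformation` object) starts above the hunk.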
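Review bot: `reply.clearCookie('refreshToken').clearCookie('accessToken')` sits after `jwt.verify` inside the same `try`, so an expired, tampered or differently-signed refresh token throws before the cookies are cleared, the error is swallowed by `console.error(e)`, and the `/api/logout` route in `src/index.js` then reports `status: "SUCCESS"` while both cookies are still set in the browser. Move the `clearCookie` calls into a `finally` so logout always drops the cookies, and consider rethrowing after logging so the route can report `FAILED` when the session record could not be deleted. The `clearCookie` calls also pass no options; if `refreshTokens` sets the cookies with `path`/`domain` (as the removed `logUserIn` code did), `clearCookie` needs the same `path`/`domain` for the browser to match them. Reading `process.env.JWT_SIGNATURE` at module load also means an unset variable is only noticed when `jwt.verify` throws on the first logout; a startup check with a clear error would be easier to diagnose.
```javascript
export async function logUserOut(request, reply) {
  try {
    // … unchanged: dynamic import, jwt.verify and session.deleteOne …
  } catch (e) {
    console.error(e);
  } finally {
    // Always drop the cookies, even when the refresh token no longer verifies
    reply.clearCookie('refreshToken').clearCookie('accessToken')
  }
}
```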
--- a/src/accounts/user.js
+++ b/src/accounts/user.js
@@ -34,7 +34,6 @@ export async function getUserFromCookies(request, reply) {
 const currentUser = await user.findOne({
 _id: ObjectId(currentSession.userId)
 })
- console.log('currentUser', currentUser);
 // Refresh tokens
 await refreshTokens(sessionToken, currentUser._id, reply)
 // Retrun current user
diff --git a/src/index.js b/src/index.js
index b811861..3b666eb 100644
--- a/src/index.js
+++ b/src/index.js
@@ -8,6 +8,7 @@ import { connectDb } from './db.js'
 import { registerUser } from './accounts/register.js'
 import { authorizeUser } from './accounts/authorize.js'
 import { logUserIn } from './accounts/logUserIn.js'
+import { logUserOut } from './accounts/logUserOut.js'
 import { getUserFromCookies } from './accounts/user.js'
 
 // ESM specific "features"
@@ -32,11 +33,44 @@ async function startApp() {
 request.body.email,
 request.body.password
 )
+ if (userId) {
+ await logUserIn(userId, request, reply)
+ reply.send({
+ data: {
+ status: "SUCCESS",
+ userId,
+ },
+ })
+ }
 } catch (e) {
 console.error('e', e);
+ reply.send({
+ data: {
+ status: "FAILED",
+ userId,
+ },
+ })
 }
 })
 
+ app.post('/api/logout', {}, async (request, reply) => {
+ try {
+ await logUserOut(request, reply)
+ reply.send({
+ data: {
+ status: "SUCCESS",
+ },
+ })
+ } catch (e) {
+ console.error('e', e);
+ reply.send({
+ data: {
+ status: "FAILED",
+ userId,
+ },
+ })
+ }
+ })
 
 app.post('/api/authorize', {}, async (request, reply) => {
 try {
@@ -48,14 +82,20 @@ async function startApp() {
 if (isAuthorized) {
 await logUserIn(userId, request, reply)
 reply.send({
- data: "User Logged In",
+ data: {
+ status: "SUCCESS",
+ userId,
+ },
 })
 }
- reply.send({
- data: "Auth Failed",
- })
 } catch (e) {
 console.error('e', e);
+ reply.send({
+ data: {
+ status: "FAILED",
+ userId,
+ },
+ })
 }
 })
 
diff --git a/src/public/index.html b/src/public/index.html
index 8babe20..0614f74 100644
--- a/src/public/index.html
+++ b/src/public/index.html
@@ -24,7 +24,23 @@
+
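Review bot: The `catch` of the new `/api/logout` handler sends `userId`, but nothing in that handler declares it, so in this ES module (strict mode) the `reply.send` throws a `ReferenceError` from inside the `catch` and the client never receives the `FAILED` body. Drop the field there: `data: { status: "FAILED" },`. The same shape is used in the register handler's `catch` and in the `/api/authorize` hunk below; if `userId` in those handlers is declared with `const` inside the `try` (its declaration is above this hunk), it is out of scope in the `catch` in the same way. Separately, the register handler now sends nothing when `userId` is falsy, so such a request gets no response rather than a `FAILED` one. The enclosing `startApp` function starts and ends outside the hunk.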
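Review bot: Removing the unconditional `reply.send({ data: "Auth Failed" })` fixes the double send on success, but nothing now answers when `isAuthorized` is false, so a wrong password leaves the request without a response instead of returning `FAILED`; add an else branch, e.g. `} else { reply.send({ data: { status: "FAILED" } }) }`. The `FAILED` body in the `catch` echoes `userId` back to the client; if `authorizeUser` resolves a `userId` for a known email before the password check fails (its body is not in the diff), that response reveals whether an account exists, so a failure response should not carry it. `startApp` starts and ends outside the hunk.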
+
+
+ + +