Crylia/japanese-srs-trainer-wanikani
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

finish srs system

Browse Source
This commit is contained in:
Rene Kievits
2025-10-27 05:45:38 +01:00
parent 882328c28e
commit 150667f781
19 changed files with 652 additions and 1011 deletions
Download Patch File Download Diff File Expand all files Collapse all files

47
server/src/api/v1/auth/index.ts
View File

@@ -27,7 +27,7 @@ function createRefreshToken(user: any) {
}
router.post('/login', async (req: Request, res: Response) => {
const { email, username, password } = req.body
const { username, password, remember } = req.body
if (!username || !password) return res.status(400).json({ error: 'Missing credentials' })
try {
@@ -40,7 +40,7 @@ router.post('/login', async (req: Request, res: Response) => {
user = await UserModel.create({
username: ldapUser.user.cn,
email: ldapUser.user.dn,
refresh_token: '',
refreshToken: '',
})
}
@@ -51,10 +51,12 @@ router.post('/login', async (req: Request, res: Response) => {
await user.save()
res.cookie('access_token', accessToken, {
httpOnly: true, sameSite: 'lax', secure: process.env.NODE_ENV !== 'dev', maxAge: 15 * 60 * 1000,
httpOnly: true, sameSite: 'lax', secure: process.env.NODE_ENV !== 'dev', maxAge: 7 * 24 * 60 * 60 * 1000,
})
res.cookie('refresh_token', refreshToken, {
httpOnly: true, sameSite: 'lax', secure: process.env.NODE_ENV !== 'dev', maxAge: 7 * 24 * 3600 * 1000,
const refreshMaxAge = remember > 7 ? 365 * 24 * 60 * 60 * 1000 : 7 * 24 * 60 * 60 * 1000
res.cookie('refreshToken', refreshToken, {
httpOnly: true, sameSite: 'lax', secure: process.env.NODE_ENV !== 'dev', maxAge: refreshMaxAge,
})
res.json({
@@ -72,12 +74,14 @@ router.post('/login', async (req: Request, res: Response) => {
})
router.post('/refresh', async (req: Request, res: Response) => {
const token = req.cookies.refresh_token
const token = req.cookies.refreshToken
if (!token) return res.status(401).json({ error: 'No refresh token' })
try {
const payload = jwt.verify(token, REFRESH_TOKEN_SECRET)
const payload = jwt.verify(token, REFRESH_TOKEN_SECRET) as any
const user = await UserModel.findById(payload.sub)
if (!user || !user.refreshToken === token) return res.status(403).json({ error: 'Invalid refresh token' })
if (!user || user.refreshToken !== token)
return res.status(403).json({ error: 'Invalid refresh token' })
const newAccessToken = createAccessToken(user)
const newRefreshToken = createRefreshToken(user)
@@ -85,20 +89,33 @@ router.post('/refresh', async (req: Request, res: Response) => {
user.refreshToken = newRefreshToken
await user.save()
const existingRefreshCookie = req.cookies.refreshToken
const decodedOld = jwt.decode(existingRefreshCookie) as any
const remainingDays = (decodedOld.exp * 1000 - Date.now()) / (1000 * 60 * 60 * 24)
const refreshMaxAge = remainingDays > 7 ? 365 * 24 * 60 * 60 * 1000 : 7 * 24 * 60 * 60 * 1000
res.cookie('access_token', newAccessToken, {
httpOnly: true, sameSite: 'lax', secure: process.env.NODE_ENV !== 'dev', maxAge: 15 * 60 * 1000,
httpOnly: true,
sameSite: 'lax',
secure: process.env.NODE_ENV !== 'dev',
maxAge: 15 * 60 * 1000,
})
res.cookie('refresh_token', newRefreshToken, {
httpOnly: true, sameSite: 'lax', secure: process.env.NODE_ENV !== 'dev', maxAge: 7 * 24 * 3600 * 1000,
res.cookie('refreshToken', newRefreshToken, {
httpOnly: true,
sameSite: 'lax',
secure: process.env.NODE_ENV !== 'dev',
maxAge: refreshMaxAge,
})
res.json({ ok: true })
return res.json({ ok: true })
} catch (error) {
res.status(401).json({ error: 'Invalid refresh token' })
return res.status(401).json({ error: 'Invalid refresh token' })
}
})
router.post('/logout', async (req: Request, res: Response) => {
const token = req.cookies.refresh_token
const token = req.cookies.refreshToken
if (token) {
try {
const payload = jwt.verify(token, REFRESH_TOKEN_SECRET)
@@ -110,7 +127,7 @@ router.post('/logout', async (req: Request, res: Response) => {
} catch { }
}
res.clearCookie('access_token')
res.clearCookie('refresh_token')
res.clearCookie('refreshToken')
res.json({ loggedOut: true })
})