Crylia/japanese-srs-trainer-wanikani
1
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge pull request 'forgot stuff' (#3) from scoring_system into main
All checks were successful
Build and Push Docker Images / build (push) Successful in 2m39s
Details

Browse Source 
Reviewed-on: #3
This commit was merged in pull request #3.
This commit is contained in:
Crylia
2025-10-27 06:11:27 +01:00
parent 695f883649 96458b9e94
commit fade850767
2 changed files with 5 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
client/src/stores/auth.ts
View File

@@ -34,7 +34,6 @@ export const useAuthStore = defineStore('auth', () => {
return true
}
// Token expired or invalid → try refresh
if (res.status === 401) {
const refreshed = await refreshToken()
if (refreshed) return await fetchUser()
@@ -88,7 +87,6 @@ export const useAuthStore = defineStore('auth', () => {
* Refresh the access token using refresh cookie.
*/
async function refreshToken() {
// Skip if no refresh cookie (expired or logged out)
if (!document.cookie.includes('refresh_token')) return false
try {
@@ -116,7 +114,6 @@ export const useAuthStore = defineStore('auth', () => {
function startAutoRefresh() {
if (refreshInterval) clearInterval(refreshInterval)
// Refresh every 7.5 minutes (half of 15m access token)
refreshInterval = setInterval(async () => {
if (!user.value) return
const success = await refreshToken()
@@ -130,7 +127,6 @@ export const useAuthStore = defineStore('auth', () => {
}
}, 7.5 * 60 * 1000)
// Also refresh immediately if tab comes back from background
document.addEventListener('visibilitychange', async () => {
if (document.visibilityState === 'visible' && user.value) {
const success = await refreshToken()

8
server/src/api/v1/auth/index.ts
View File

@@ -14,7 +14,7 @@ function createAccessToken(user: any) {
return jwt.sign(
{ sub: user._id, role: user.role },
ACCESS_TOKEN_SECRET,
{ expiresIn: '15m' },
{ expiresIn: '7d' },
)
}
@@ -53,7 +53,9 @@ router.post('/login', async (req: Request, res: Response) => {
res.cookie('access_token', accessToken, {
httpOnly: true, sameSite: 'lax', secure: process.env.NODE_ENV !== 'dev', maxAge: 7 * 24 * 60 * 60 * 1000,
})
const refreshMaxAge = remember > 7 ? 365 * 24 * 60 * 60 * 1000 : 7 * 24 * 60 * 60 * 1000
const refreshMaxAge = remember
? 365 * 24 * 60 * 60 * 1000
: 7 * 24 * 60 * 60 * 1000
res.cookie('refreshToken', refreshToken, {
httpOnly: true, sameSite: 'lax', secure: process.env.NODE_ENV !== 'dev', maxAge: refreshMaxAge,
@@ -79,7 +81,7 @@ router.post('/refresh', async (req: Request, res: Response) => {
try {
const payload = jwt.verify(token, REFRESH_TOKEN_SECRET) as any
const user = await UserModel.findById(payload.sub)
const user = await UserModel.findById(payload.id)
if (!user || user.refreshToken !== token)
return res.status(403).json({ error: 'Invalid refresh token' })