Compare commits

...

2 Commits

Author SHA1 Message Date
fade850767 Merge pull request 'forgot stuff' (#3) from scoring_system into main
All checks were successful
Build and Push Docker Images / build (push) Successful in 2m39s
Reviewed-on: #3
2025-10-27 06:11:27 +01:00
Rene Kievits
96458b9e94 forgot stuff 2025-10-27 06:10:53 +01:00
2 changed files with 5 additions and 7 deletions


@@ -34,7 +34,6 @@ export const useAuthStore = defineStore('auth', () => {
return true return true
} }
// Token expired or invalid → try refresh
if (res.status === 401) { if (res.status === 401) {
const refreshed = await refreshToken() const refreshed = await refreshToken()
if (refreshed) return await fetchUser() if (refreshed) return await fetchUser()
@@ -88,7 +87,6 @@ export const useAuthStore = defineStore('auth', () => {
* Refresh the access token using refresh cookie. * Refresh the access token using refresh cookie.
*/ */
async function refreshToken() { async function refreshToken() {
// Skip if no refresh cookie (expired or logged out)
if (!document.cookie.includes('refresh_token')) return false if (!document.cookie.includes('refresh_token')) return false
try { try {
@@ -116,7 +114,6 @@ export const useAuthStore = defineStore('auth', () => {
function startAutoRefresh() { function startAutoRefresh() {
if (refreshInterval) clearInterval(refreshInterval) if (refreshInterval) clearInterval(refreshInterval)
// Refresh every 7.5 minutes (half of 15m access token)
refreshInterval = setInterval(async () => { refreshInterval = setInterval(async () => {
if (!user.value) return if (!user.value) return
const success = await refreshToken() const success = await refreshToken()
@@ -130,7 +127,6 @@ export const useAuthStore = defineStore('auth', () => {
} }
}, 7.5 * 60 * 1000) }, 7.5 * 60 * 1000)
// Also refresh immediately if tab comes back from background
document.addEventListener('visibilitychange', async () => { document.addEventListener('visibilitychange', async () => {
if (document.visibilityState === 'visible' && user.value) { if (document.visibilityState === 'visible' && user.value) {
const success = await refreshToken() const success = await refreshToken()


@@ -14,7 +14,7 @@ function createAccessToken(user: any) {
return jwt.sign( return jwt.sign(
{ sub: user._id, role: user.role }, { sub: user._id, role: user.role },
ACCESS_TOKEN_SECRET, ACCESS_TOKEN_SECRET,
{ expiresIn: '15m' }, { expiresIn: '7d' },
) )
} }
@@ -53,7 +53,9 @@ router.post('/login', async (req: Request, res: Response) => {
res.cookie('access_token', accessToken, { res.cookie('access_token', accessToken, {
httpOnly: true, sameSite: 'lax', secure: process.env.NODE_ENV !== 'dev', maxAge: 7 * 24 * 60 * 60 * 1000, httpOnly: true, sameSite: 'lax', secure: process.env.NODE_ENV !== 'dev', maxAge: 7 * 24 * 60 * 60 * 1000,
}) })
const refreshMaxAge = remember > 7 ? 365 * 24 * 60 * 60 * 1000 : 7 * 24 * 60 * 60 * 1000 const refreshMaxAge = remember
? 365 * 24 * 60 * 60 * 1000
: 7 * 24 * 60 * 60 * 1000
res.cookie('refreshToken', refreshToken, { res.cookie('refreshToken', refreshToken, {
httpOnly: true, sameSite: 'lax', secure: process.env.NODE_ENV !== 'dev', maxAge: refreshMaxAge, httpOnly: true, sameSite: 'lax', secure: process.env.NODE_ENV !== 'dev', maxAge: refreshMaxAge,
@@ -79,7 +81,7 @@ router.post('/refresh', async (req: Request, res: Response) => {
try { try {
const payload = jwt.verify(token, REFRESH_TOKEN_SECRET) as any const payload = jwt.verify(token, REFRESH_TOKEN_SECRET) as any
const user = await UserModel.findById(payload.sub) const user = await UserModel.findById(payload.id)
if (!user || user.refreshToken !== token) if (!user || user.refreshToken !== token)
return res.status(403).json({ error: 'Invalid refresh token' }) return res.status(403).json({ error: 'Invalid refresh token' })
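Review bot: A leaked access token, a logged-out session or a changed `role` claim now stays usable for up to seven days, because `createAccessToken` signs with `{ expiresIn: '7d' }` instead of `'15m'` and the role is baked into the payload; no server-side revocation check is visible in these hunks. If the aim was to stop sessions from dropping, I would keep `{ expiresIn: '15m' }`, set the `access_token` cookie `maxAge` to match it, and repair the refresh path instead. On that path the `/refresh` hunk now looks the user up with `payload.id` while `createAccessToken` signs `sub`; if the refresh token is signed the same way (its signer is outside these hunks), the lookup receives `undefined` and presumably always ends in the 403 branch, which the `as any` cast hides from the compiler. The client guard `document.cookie.includes('refresh_token')` in the other file also cannot see the `httpOnly` cookie that login sets under the name `refreshToken`, so the client may never attempt a refresh at all. All three enclosing functions continue outside the hunks shown.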