Endpoint for getting auth token (#103)

* Added endpoint for exchanging auth token * fixed expiry time * Fixed minor issues and renamed endpoint to getAuthToken
devclub-iitd · Jan 5, 2022 · 4e3d1d5 · 4e3d1d5
1 parent 3358d88
commit 4e3d1d5
Show file tree

Hide file tree

Showing 3 changed files with 58 additions and 12 deletions.
diff --git a/src/config/keys.js b/src/config/keys.js
@@ -4,6 +4,7 @@ const path = require('path');
 export const expTime = 60 * 20;
 export const rememberTime = 60 * 60 * 24 * 2;
 export const reqExpTime = 60;
+export const authExpTime = 2700000;
 export const accessTokenName = 'token';
 export const refreshTokenName = 'rememberme';
 export const iss = 'auth.devclub.in';

diff --git a/src/routes/auth.js b/src/routes/auth.js
@@ -13,6 +13,7 @@ import {
     linkSocial,
     makeid,
     getRequestToken,
+    createJWTToken,
 } from '../utils/utils';
 import {
     accessTokenName,
@@ -431,13 +432,14 @@ router.post('/requestToken', async (req, res) => {
 
 router.get('/verifyRToken', async (req, res) => {
     try {
-        console.log('here');
         const { q } = req.query;
+        verify(q, keys.publicKey, {
+            algorithms: ['RS256'],
+        });
         const { requestToken } = decode(q);
         rtoken.exists = util.promisify(rtoken.exists);
         rtoken.hget = util.promisify(rtoken.hget);
         const exists = await rtoken.exists(requestToken.toString());
-        console.log(exists);
         if (!exists) {
             return res.status(401).json({
                 err: true,
@@ -454,10 +456,6 @@ router.get('/verifyRToken', async (req, res) => {
                 msg: 'No client found',
             });
         }
-
-        verify(requestToken, client.access_token, {
-            algorithms: ['HS256'],
-        });
         rtoken.hmset(requestToken.toString(), {
             cId: clientId,
             uId: user._id.toString(),
@@ -468,7 +466,48 @@ router.get('/verifyRToken', async (req, res) => {
             msg: 'User authenticated successfully',
         });
     } catch (error) {
-        console.log(error);
+        return res.status(401).json({
+            err: true,
+            msg: 'Unauthorized Client',
+        });
+    }
+});
+
+router.post('/getAuthToken', async (req, res) => {
+    try {
+        const { token } = req.body;
+        const { requestToken } = decode(token);
+        rtoken.exists = util.promisify(rtoken.exists);
+        rtoken.hget = util.promisify(rtoken.hget);
+        const exists = await rtoken.exists(requestToken.toString());
+        if (!exists) {
+            return res.status(401).json({
+                err: true,
+                msg: 'Session Expired',
+            });
+        }
+
+        const clientId = await rtoken.hget(requestToken.toString(), 'cId');
+        const userId = await rtoken.hget(requestToken.toString(), 'uId');
+        const client = await Client.findById(clientId);
+
+        if (!client) {
+            return res.status(400).json({
+                err: true,
+                msg: 'No client found',
+            });
+        }
+
+        verify(token, client.access_token, {
+            algorithms: ['HS256'],
+        });
+
+        const user = await User.findById(userId);
+
+        const authToken = createJWTToken(user, keys.authExpTime);
+
+        res.send(authToken);
+    } catch (error) {
         return res.status(401).json({
             err: true,
             msg: 'Unauthorized Client',

diff --git a/src/utils/utils.js b/src/utils/utils.js
@@ -37,7 +37,7 @@ const getRoleData = async (roles) => {
     return data;
 };
 
-const createJWTCookie = (user, res, tokenName = keys.accessTokenName) => {
+const createJWTToken = (user, expiry) => {
     const payload = {
         user: {
             id: user.id,
@@ -50,14 +50,19 @@ const createJWTCookie = (user, res, tokenName = keys.accessTokenName) => {
             isverified: user.isverified,
         },
     };
-    const exp =
-        tokenName === keys.refreshTokenName ? keys.rememberTime : keys.expTime;
-    // create a token
     const token = jwt.sign(payload, keys.privateKey, {
-        expiresIn: exp, // in seconds
+        expiresIn: expiry,
         issuer: keys.iss,
         algorithm: 'RS256',
     });
+    return token;
+};
+
+const createJWTCookie = (user, res, tokenName = keys.accessTokenName) => {
+    const exp =
+        tokenName === keys.refreshTokenName ? keys.rememberTime : keys.expTime;
+    // create a token
+    const token = createJWTToken(user, exp);
 
     // set the cookie with token with the same age as that of token
     res.cookie(tokenName, token, {
@@ -365,4 +370,5 @@ export {
     sendPassResetEmail,
     addRoles,
     getRequestToken,
+    createJWTToken,
 };