implemented authentication with sidebase/nuxt-auth
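--- a/server/api/auth/refresh.ts
+++ b/server/api/auth/refresh.ts
@@ -0,0 +1,50 @@
+import { createError, eventHandler, readBody, sendRedirect } from 'h3';
+import jwt from 'jsonwebtoken';
+
+const SECRET = 'SECRETTUEITKEY'
+
+interface User {
+username: string;
+id: string;
+}
+
+interface JwtPayload extends User {
+exp: number;
+}
+
+export default eventHandler(async (event) => {
+const body = await readBody<{ refreshToken: string }>(event);
+
+if (!body.refreshToken) {
+throw createError({
+statusCode: 403,
+statusMessage: 'Unauthorized, no refreshToken in payload'
+});
+};
+
+const decoded = jwt.verify(body.refreshToken, SECRET) as JwtPayload | undefined;
+
+if (!decoded) {
+throw createError({
+statusCode: 403,
+statusMessage: 'Unauthorized, refreshToken can`t be verified'
+});
+};
+
+
+// decoded.userId exists on JwtPayload, TS falsely wants decoded.id
+const user: User = {
+username: decoded.username,
+id: decoded.userId,
+};
+
+const authToken = jwt.sign( user, SECRET, { expiresIn: 60 * 5 }); // expires in 5 min
+const refreshToken = jwt.sign( user, SECRET, { expiresIn: 60 * 60 * 24 * 7 }); // expires in 7 days
+
+return {
+token: {
+authToken,
+refreshToken
+}
+};
+})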
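Review bot: The signing key is a string literal in the file (`const SECRET = 'SECRETTUEITKEY'`), so anyone who can read the repository can produce tokens this handler accepts; it should be loaded from runtime configuration or an environment variable, and the committed value should be treated as burned and rotated. `jwt.verify` throws on a bad or expired token rather than returning `undefined`, so the `if (!decoded)` branch is never reached and an invalid token surfaces as an unhandled error instead of the intended 403; the fence below wraps the call and pins the algorithm to the `jsonwebtoken` default for a string secret. Both tokens are signed with the same key and an identical payload, so nothing visible here distinguishes a 5-minute auth token from a 7-day refresh token when it is presented as `refreshToken`; a token-type claim set on sign and checked after verify would separate them. The new tokens carry `id` while the handler reads `decoded.userId`, so a refresh token issued by this endpoint would presumably come back with `id: undefined` on the next refresh, which is likely what the type error in the comment is pointing at.

```typescript
// … unchanged: imports, interfaces, readBody and the missing-token check …
let decoded: JwtPayload;
try {
  // verify() throws on a bad signature, malformed token or expiry; it never returns undefined
  decoded = jwt.verify(body.refreshToken, SECRET, { algorithms: ['HS256'] }) as JwtPayload;
} catch {
  throw createError({
    statusCode: 403,
    statusMessage: 'Unauthorized, refreshToken can`t be verified'
  });
}
// … unchanged: building user and signing the two tokens …
```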