diff --git a/controllers/refreshTokenController.js b/controllers/refreshTokenController.js
index 3d66ada..276ad01 100644
--- a/controllers/refreshTokenController.js
+++ b/controllers/refreshTokenController.js
@@ -38,35 +38,35 @@ const handleRefreshToken = async (req, res) => {
 const result = await foundUser.save();
 }
 if (err || foundUser.username !== decoded.username) return res.sendStatus(403);
+ }
+ );
- // Refresh token was still valid
- const roles = Object.values(foundUser.roles);
- const accessToken = jwt.sign(
- {
- "UserInfo": {
- "username": decoded.username,
- "roles": roles
- }
- },
- process.env.ACCESS_TOKEN_SECRET,
- { expiresIn: '10s' }
- );
+ // Refresh token was still valid
+ const roles = Object.values(foundUser.roles);
+ const accessToken = jwt.sign(
+ {
+ "UserInfo": {
+ "username": foundUser.username,
+ "roles": roles
+ }
+ },
+ process.env.ACCESS_TOKEN_SECRET,
+ { expiresIn: '10s' }
+ );
- const newRefreshToken = jwt.sign(
- { "username": foundUser.username },
- process.env.REFRESH_TOKEN_SECRET,
- { expiresIn: '15s' }
- );
- // Saving refreshToken with current user
- foundUser.refreshToken = [...newRefreshTokenArray, newRefreshToken];
- const result = await foundUser.save();
+ const newRefreshToken = jwt.sign(
+ { "username": foundUser.username },
+ process.env.REFRESH_TOKEN_SECRET,
+ { expiresIn: '15s' }
+ );
+ // Saving refreshToken with current user
+ foundUser.refreshToken = [...newRefreshTokenArray, newRefreshToken];
+ const result = await foundUser.save();
- // Creates Secure Cookie with refresh token
- res.cookie('jwt', newRefreshToken, { httpOnly: true, secure: true, sameSite: 'None', maxAge: 24 * 60 * 60 * 1000 });
+ // Creates Secure Cookie with refresh token
+ res.cookie('jwt', newRefreshToken, { httpOnly: true, secure: true, sameSite: 'None', maxAge: 24 * 60 * 60 * 1000 });
- res.json({ accessToken })
- }
- );
+ res.json({ accessToken })
 }
 module.exports = { handleRefreshToken }
\ No newline at end of file
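Review bot: Moving the token issuance below the closing `);` means it is no longer gated by `if (err || foundUser.username !== decoded.username) return res.sendStatus(403);`, because that `return` only leaves the callback and the outer handler still runs both `jwt.sign` calls, saves the new refresh token and sets the cookie. The call that opens above the hunk is not visible, but if it is `jwt.verify` with an async callback, an expired or otherwise rejected refresh token that still matches a stored one would be rotated into fresh credentials. The handler would then also attempt a second response after the 403 has been sent. Either keep the issuance inside the callback, or call `jwt.verify` without a callback inside `try`/`catch` and `return res.sendStatus(403)` from the handler itself before any token is signed. Taking the `username` claim from `foundUser.username` is reasonable once the username comparison actually gates issuance.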