diff --git a/api/src/controllers/auth.ts b/api/src/controllers/auth.ts
index 778e3bfb..737468ef 100644
--- a/api/src/controllers/auth.ts
+++ b/api/src/controllers/auth.ts
@@ -4,6 +4,7 @@ import { InfoJWT } from '../types'
 import {
 generateAccessToken,
 generateRefreshToken,
+ getTokensFromDB,
 removeTokensInDB,
 saveTokensInDB
 } from '../utils'
@@ -73,6 +74,15 @@ const token = async (data: any): Promise => {
 AuthController.deleteCode(userInfo.userId, clientId)
+ // get tokens from DB
+ const existingTokens = await getTokensFromDB(userInfo.userId, clientId)
+ if (existingTokens) {
+ return {
+ accessToken: existingTokens.accessToken,
+ refreshToken: existingTokens.refreshToken
+ }
+ }
+
 const accessToken = generateAccessToken(userInfo)
 const refreshToken = generateRefreshToken(userInfo)
diff --git a/api/src/controllers/stp.ts b/api/src/controllers/stp.ts
index 9085b667..86120eca 100644
--- a/api/src/controllers/stp.ts
+++ b/api/src/controllers/stp.ts
@@ -92,7 +92,7 @@ const execute = async (
 )
 if (result instanceof Buffer) {
- ; (req as any).sasHeaders = httpHeaders
+ ;(req as any).sasHeaders = httpHeaders
 }
 return result
diff --git a/api/src/routes/api/auth.ts b/api/src/routes/api/auth.ts
index 34a45df5..f031df90 100644
--- a/api/src/routes/api/auth.ts
+++ b/api/src/routes/api/auth.ts
@@ -7,7 +7,7 @@ import {
 authenticateRefreshToken
 } from '../../middlewares'
-import { authorizeValidation, tokenValidation } from '../../utils'
+import { tokenValidation } from '../../utils'
 import { InfoJWT } from '../../types'
 const authRouter = express.Router()
diff --git a/api/src/utils/getTokensFromDB.ts b/api/src/utils/getTokensFromDB.ts
new file mode 100644
index 00000000..7b3d3dbe
--- /dev/null
+++ b/api/src/utils/getTokensFromDB.ts
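Review bot: Returning `existingTokens` from `token` means a new authorization-code exchange no longer rotates the pair: the same refresh token is handed out again for as long as it verifies, and the access token may come back with almost none of its lifetime left, because the helper only checks that it has not expired yet. If the reuse is intentional, the comment should say why instead of `// get tokens from DB`, for example `// reuse the stored pair so a repeated login for this client keeps the earlier session valid`, and reuse could be limited to pairs with enough lifetime remaining. The lookup also runs after `AuthController.deleteCode(...)`, so any error thrown by `getTokensFromDB` leaves the client with a consumed code and no tokens. The rest of `token` lies outside the hunk, so whether a caller handles that case is not visible here.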
@@ -0,0 +1,34 @@
+import jwt from 'jsonwebtoken'
+import User from '../model/User'
+
+export const getTokensFromDB = async (userId: number, clientId: string) => {
+ const user = await User.findOne({ id: userId })
+ if (!user) return
+
+ const currentTokenObj = user.tokens.find(
+ (tokenObj: any) => tokenObj.clientId === clientId
+ )
+
+ if (currentTokenObj) {
+ const accessToken = currentTokenObj.accessToken
+ const refreshToken = currentTokenObj.refreshToken
+
+ const verifiedAccessToken: any = jwt.verify(
+ accessToken,
+ process.secrets.ACCESS_TOKEN_SECRET
+ )
+
+ const verifiedRefreshToken: any = jwt.verify(
+ refreshToken,
+ process.secrets.REFRESH_TOKEN_SECRET
+ )
+
+ if (
+ verifiedAccessToken?.userId === userId &&
+ verifiedAccessToken?.clientId === clientId &&
+ verifiedRefreshToken?.userId === userId &&
+ verifiedRefreshToken?.clientId === clientId
+ )
+ return { accessToken, refreshToken }
+ }
+}
diff --git a/api/src/utils/index.ts b/api/src/utils/index.ts
index 32b5b79e..7baf1e2a 100644
--- a/api/src/utils/index.ts
+++ b/api/src/utils/index.ts
@@ -14,6 +14,7 @@ export * from './getDesktopFields'
 export * from './getPreProgramVariables'
 export * from './getRunTimeAndFilePath'
 export * from './getServerUrl'
+export * from './getTokensFromDB'
 export * from './instantiateLogger'
 export * from './isDebugOn'
 export * from './isPublicRoute'
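Review bot: Both `jwt.verify` calls in `getTokensFromDB` are unguarded, and `jwt.verify` throws on an expired or otherwise invalid token, so once the stored access token for a client expires this helper rejects instead of returning `undefined`. The caller in `controllers/auth.ts` then never reaches its token-generation path. Wrapping the two verifications and the claim comparison in a `try`/`catch` that returns `undefined` keeps the contract at "a usable pair or nothing", and a short doc comment should state that contract. The helper also reads the raw access and refresh tokens straight from the user document, so they appear to be stored in a directly usable form. The model is not part of this diff, so it is a question rather than a finding whether a database read would expose live credentials.

```typescript
  if (currentTokenObj) {
    // … unchanged: accessToken / refreshToken read from currentTokenObj …
    try {
      // … unchanged: both jwt.verify calls and the userId / clientId comparison …
    } catch {
      // jwt.verify throws for an expired or invalid token: treat the stored
      // pair as unusable so the caller falls through and issues a new one.
      return undefined
    }
  }
```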