LocChat/server/controllers/refresh_tokens.controller.ts

import { Body, Controller, Get, HttpException, Req } from '@nestjs/common';
import { Request } from 'express';
import { UsersService } from 'server/providers/services/users.service';
import { SignInDto } from 'server/dto/sign_in.dto';
import { RefreshTokenBody } from 'server/dto/refresh_token_body.dto';
import { JwtService } from 'server/providers/services/jwt.service';
import { Skip } from 'server/decorators/skip.decorator';
import { AuthGuard } from 'server/providers/guards/auth.guard';
import { RolesService } from 'server/providers/services/roles.service';

// this is kind of a misnomer because we are doing token based auth
// instead of session based auth
@Controller()
export class RefreshTokensController {
  constructor(private usersService: UsersService, private rolesService: RolesService, private jwtService: JwtService) {}

  @Get('/refresh_token')
  @Skip(AuthGuard)
  async get(@Body() body: SignInDto, @Req() req: Request) {
    const refreshToken: string = req.cookies['_refresh_token'];
    if (!refreshToken) {
      throw new HttpException('No refresh token present', 401);
    }

    const tokenBody = this.jwtService.parseRefreshToken(refreshToken) as RefreshTokenBody;

    const user = await this.usersService.find(tokenBody.userId, ['refreshTokens', 'userRoles']);
    const userRoles = await this.rolesService.findByIds(user.userRoles.map((ur) => ur.roleId));

    const userRefreshToken = user.refreshTokens.find((t) => t.id === tokenBody.id);
    if (!userRefreshToken) {
      throw new HttpException('User refresh token not found', 401);
    }

    const token = this.jwtService.issueToken({ userId: user.id, roles: userRoles.map((r) => r.key) });
    return { token };
  }
}
adds api, guard, tailwind 2021-11-23 16:04:12 -05:00			`import { Body, Controller, Get, HttpException, Req } from '@nestjs/common';`
			`import { Request } from 'express';`
			`import { UsersService } from 'server/providers/services/users.service';`
			`import { SignInDto } from 'server/dto/sign_in.dto';`
			`import { RefreshTokenBody } from 'server/dto/refresh_token_body.dto';`
			`import { JwtService } from 'server/providers/services/jwt.service';`
adds roles 2021-12-01 22:18:26 -05:00			`import { Skip } from 'server/decorators/skip.decorator';`
			`import { AuthGuard } from 'server/providers/guards/auth.guard';`
			`import { RolesService } from 'server/providers/services/roles.service';`
adds api, guard, tailwind 2021-11-23 16:04:12 -05:00
			`// this is kind of a misnomer because we are doing token based auth`
			`// instead of session based auth`
			`@Controller()`
			`export class RefreshTokensController {`
adds roles 2021-12-01 22:18:26 -05:00			`constructor(private usersService: UsersService, private rolesService: RolesService, private jwtService: JwtService) {}`
adds api, guard, tailwind 2021-11-23 16:04:12 -05:00
			`@Get('/refresh_token')`
adds roles 2021-12-01 22:18:26 -05:00			`@Skip(AuthGuard)`
adds api, guard, tailwind 2021-11-23 16:04:12 -05:00			`async get(@Body() body: SignInDto, @Req() req: Request) {`
			`const refreshToken: string = req.cookies['_refresh_token'];`
			`if (!refreshToken) {`
			`throw new HttpException('No refresh token present', 401);`
			`}`

			`const tokenBody = this.jwtService.parseRefreshToken(refreshToken) as RefreshTokenBody;`

adds roles 2021-12-01 22:18:26 -05:00			`const user = await this.usersService.find(tokenBody.userId, ['refreshTokens', 'userRoles']);`
			`const userRoles = await this.rolesService.findByIds(user.userRoles.map((ur) => ur.roleId));`

adds api, guard, tailwind 2021-11-23 16:04:12 -05:00			`const userRefreshToken = user.refreshTokens.find((t) => t.id === tokenBody.id);`
			`if (!userRefreshToken) {`
			`throw new HttpException('User refresh token not found', 401);`
			`}`

adds roles 2021-12-01 22:18:26 -05:00			`const token = this.jwtService.issueToken({ userId: user.id, roles: userRoles.map((r) => r.key) });`
adds api, guard, tailwind 2021-11-23 16:04:12 -05:00			`return { token };`
			`}`
			`}`