UNPKG

@w3lcome/feathers-refresh-token

Version:
67 lines 2.88 kB
"use strict"; var __importDefault = (this && this.__importDefault) || function (mod) { return (mod && mod.__esModule) ? mod : { "default": mod }; }; Object.defineProperty(exports, "__esModule", { value: true }); exports.refreshAccessToken = void 0; const errors_1 = require("@feathersjs/errors"); const debug_1 = __importDefault(require("debug")); const common_1 = require("./common"); const debug = debug_1.default('feathers-refresh-token'); /* Before create hook refresh token service to refresh access token * data: post data with userId and refresh token * this hook must be un-protected because when client call refresh-access-token API existing * access-token already expired. */ exports.refreshAccessToken = () => { return async (context) => { var _a; const { data, app, type, params, method } = context; const config = common_1.loadConfig(app); if (method !== 'create') { throw new Error('refreshAccessToken hook must be used with create method!'); } //refresh Token only valid for before token and called from external if (type !== 'before') { throw new Error('refreshAccessToken hook must be used with before hook'); } // for internal call, simply return context if (!params.provider) { debug('Internal API call for refresh token, simply return context'); return context; } const { entity, userEntityId, authService } = config; //! validating user input [entity, userEntityId].forEach((p) => { if (p in data) return; throw new errors_1.BadRequest(`${p} is missing from request`); }); const { existingToken, verifyResult: tokenVerifyResult } = await common_1.lookupRefreshToken(context, config, { userId: data[userEntityId], refreshToken: data[entity] }); debug('Find existing refresh token result', existingToken); // Refresh token not exists if (!existingToken) { throw new errors_1.NotAuthenticated(); } // Input data[userIdFiled] must match the sub in Refresh Token if (`${tokenVerifyResult.sub}` !== `${data[userEntityId]}`) { console.log(params); throw new Error(`Invalid token`); } debug('Creating new access token'); // ! create new access token with default jwtOptions and secret const accessToken = await ((_a = app.service(authService)) === null || _a === void 0 ? void 0 : _a.createAccessToken({ sub: data[userEntityId] })); debug('Issued new access token', accessToken); // return new access token context.result = { accessToken }; return context; }; }; //# sourceMappingURL=refresh-access-token.js.map