const loginUser = async(foundUser,password,res) =>{
const hashedPass = await hash.MD5(password)
if(hashedPass !== foundUser.password){
return res.status(401).json({
"result":false,
error:'Invalid username/password'
});
}
const access_token = generateAccessToken({username:foundUser.username, firstname:foundUser.fname});
const refresh_token = generateRefreshToken({username:foundUser.username, firstname:foundUser.fname});
res.cookie("refreshtoken", refresh_token,{
httpOnly:true,
path:`/api/refresh_token`,
maxAge: 30*24*60*60*1000, //30 days
})
res.status(200).json({
"result":true,
"jwt":access_token,
"message":"Signin success"
})
}
refreshToken:async(req,res)=>{
try {
const rf_token = req.cookies.refreshtoken;
if (!rf_token) return res.status(400).json({ msg: "Please login first" });
const decoded = (
JWT.verify(rf_token, `${process.env.SECRET_REFRESH_TOKEN}`)
)
if (!decoded) return res.status(400).json({ msg: "Please login first" });
fs.readFile('userInfo.json',(err,data)=>{
if(err) throw err;
const allUsers = JSON.parse(data);
const user = allUsers.find((user)=>{
return user.username === decoded.username
})
console.log(user)
if(!user) return res.status(400).json({msg:'This account doesnot exist'})
const access_token = generateAccessToken({
username:user.username,
firstname:user.fname
})
res.json({
"result":"true",
"data":user,
access_token
});
})
//
} catch (err) {
return res.status(500).json({msg:err.message})
}
}
const JWT = require('jsonwebtoken');
const auth = async(req,res,next) =>{
try {
const token = req.headers["authorization"];
if(!token) return res.status(401).json({
"result":false,
"error":"Please provide a JWT token"
})
const authToken = token.split(' ')[1];
console.log({authToken})
console.log(process.env.SECRET_ACCESS_TOKEN)
const decoded = JWT.verify(authToken, `${process.env.SECRET_ACCESS_TOKEN}`);
console.log({decoded})
if(!decoded) return res.status(400).json({
"result":false,
"error":"JWT Verification Failed"
})
req.username = decoded.username;
next()
} catch (err) {
return res.status(500).json({msg:err.message});
}
}
module.exports = auth;
const JWT = require('jsonwebtoken');
const generateAccessToken = (payload) =>{
return JWT.sign(payload, `${process.env.SECRET_ACCESS_TOKEN}`, {expiresIn:'10m'})
}
const generateRefreshToken = (payload) =>{
return JWT.sign(payload, `${process.env.SECRET_REFRESH_TOKEN}`,{expiresIn:'30d'})
}
module.exports = {generateAccessToken, generateRefreshToken}
Below code is of authentication when user tries to access his information.
I searched for any other answers but they are saying that token might be invalid which isn't the case here !
I am getting both authToken and process.env.SECRET_ACCESS_TOKEN value correctly.
still getting unexpected token error.
Please help me . If you need any other resource please comment it down