yogiedigital/cod-api
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: yogiedigital:6212048aecae4fa4fea372ccacc55ad96be739b1
Branches Tags
yogiedigital:main yogiedigital:wisdom
...
compare: yogiedigital:c0aca9ea87b3aa1931b373c376c0797fe9b86a9a
Branches Tags
yogiedigital:wisdom yogiedigital:main

10 Commits
6212048aec ... c0aca9ea87

Author SHA1 Message Date
Antony Kurniawan
c0aca9ea87 update: routes 2025-09-26 11:06:04 +07:00
Antony Kurniawan
7b2509ffa1 update: auth routes 2025-09-26 11:05:49 +07:00
Antony Kurniawan
050529cf78 auth.route.js 2025-09-26 11:05:35 +07:00
Antony Kurniawan
d41c0421c4 fix: verify token 2025-09-26 11:05:19 +07:00
Antony Kurniawan
373b707954 move to auth validation 2025-09-26 11:04:51 +07:00
Antony Kurniawan
b022e86e02 fix: set response 2025-09-26 11:04:04 +07:00
Antony Kurniawan
6f66f0c2f3 add: auth validation 2025-09-26 11:03:47 +07:00
Antony Kurniawan
a28c3c22d9 update: user db 2025-09-26 11:03:35 +07:00
Antony Kurniawan
8142ceda30 fix: auth controller 2025-09-26 10:59:47 +07:00
Antony Kurniawan
ce64671551 hide package-lock 2025-09-26 10:58:56 +07:00
14 changed files with 467 additions and 260 deletions
Expand all files Collapse all files

1
.gitignore vendored
View File

@@ -3,3 +3,4 @@ node_modules
.vscode .vscode
request.http request.http
*.rest *.rest
package-lock.json

121
controllers/auth.controller.js
View File

@@ -1,26 +1,103 @@
const authService = require("../services/auth.service"); const AuthService = require('../services/auth.service');
const { registerSchema, loginSchema } = require('../helpers/authValidation');
const { setResponse } = require('../helpers/utils');
const { createCaptcha } = require('../utils/captcha');
const loginUser = async (req, res) => { class AuthController {
const { username, password, role, tenant } = req.body;
const { token, refreshToken, user } = await authService.login( // Registration
username, static async register(req, res) {
password, try {
tenant const { error, value } = registerSchema.validate(req.body, { abortEarly: false });
if (error) {
// kumpulkan pesan error per field
const errors = error.details.reduce((acc, cur) => {
const field = Array.isArray(cur.path) ? cur.path.join('.') : String(cur.path);
if (!acc[field]) acc[field] = [];
acc[field].push(cur.message);
return acc;
}, {});
return res.status(400).json(
setResponse(errors, 'Validation failed', 400)
);
}
// Normalisasi phone menjadi +62
if (value.phone && value.phone.startsWith('0')) {
value.phone = '+62' + value.phone.slice(1);
}
const user = await AuthService.register(value);
return res.status(201).json(
setResponse(user, 'User registered successfully', 201)
); );
res.header("auth-token", token); } catch (err) {
res.cookie("refreshToken", refreshToken, { return res.status(err.statusCode || 500).json(
httpOnly: true, setResponse([], err.message || 'Register failed', err.statusCode || 500)
sameSite: process.env.NODE_ENV === "development" ? true : "none", );
secure: process.env.NODE_ENV === "development" ? false : true, }
}); }
res.status(200).json({
token,
refreshToken,
user,
});
};
module.exports = {
loginUser, static async generateCaptcha(req, res) {
}; try {
const { svg, text } = createCaptcha();
return res.status(200).json({
data: { svg, text }
});
} catch (err) {
return res.status(500).json(setResponse([], 'Captcha failed', 500));
}
}
static async login(req, res) {
try {
const { error, value } = loginSchema.validate(req.body, { abortEarly: false });
if (error) return res.status(400).json(setResponse([], 'Validation failed', 400));
const { email, password, captcha, captchaText } = value;
// verify captcha
if (!captcha || captcha.toLowerCase() !== captchaText.toLowerCase()) {
return res.status(400).json(setResponse([], 'Invalid captcha', 400));
}
const { user, tokens } = await AuthService.login({ email, password });
return res.status(200).json(setResponse({ user, tokens }, 'Login successful', 200));
} catch (err) {
return res.status(err.statusCode || 500).json(
setResponse([], err.message || 'Login failed', err.statusCode || 500)
);
}
}
// // Verify Captcha (secure)
// static async verifyCaptcha(req, res) {
// const { userInput } = req.body;
// if (!userInput || !req.session.captcha) {
// return res.status(400).json(
// setResponse([], 'Missing data', 400)
// );
// }
// if (userInput.toLowerCase() === req.session.captcha.toLowerCase()) {
// req.session.captcha = null; // one-time use
// return res.json(
// setResponse([], 'Captcha is valid', 200)
// );
// } else {
// return res.status(400).json(
// setResponse([], 'Invalid captcha', 400)
// );
// }
// }
}
module.exports = AuthController;

185
db/user.db.js
View File

@@ -1,131 +1,108 @@
const pool = require("../config"); const pool = require("../config");
const getAllUsersDb = async (param) => { // Get all users
// limit & offset masuk fixed param const getAllUsersDb = async () => {
let fixedParams = [param.fixed.limit, param.fixed.offset, param.fixed.tenantID]; const queryText = `
SELECT u.user_id, u.user_fullname, u.user_name, u.user_email, u.user_phone,
const { whereOrConditions, whereParam } = pool.buildStringOrIlike( u.is_active, u.created_at, u.updated_at, u.deleted_at,
param.filterCriteria.column, u.updated_by, u.deleted_by,
param.filterCriteria.criteria, r.role_id, r.role_name
fixedParams FROM users u
); LEFT JOIN roles r ON u.role_id = r.role_id
const { whereConditions, queryParams } = pool.buildFilterQuery(param.filterQuery, whereParam);npm WHERE u.deleted_at IS NULL
ORDER BY u.user_id ASC
const query = `
SELECT mut.*, mr.role_name, COUNT(*) OVER() AS total
FROM m_users mut
LEFT JOIN system.role_tenant mr ON mr.role_id = mut.role_id
WHERE mut.deleted_at IS NULL AND mut.is_sa != 1 AND mut.tenant_id = $3
${whereConditions.length > 0 ? ` AND ${whereConditions.join(" AND ")}` : ""}
${whereOrConditions ? whereOrConditions : ""}
ORDER BY mut.user_id
OFFSET $2 ROWS FETCH NEXT $1 ROWS ONLY
`; `;
const result = await pool.query(queryText);
const result = await pool.query(query, queryParams); return result.recordset;
const rows = result.recordset;
const total = rows.length > 0 ? parseInt(rows[0].total, 10) : 0;
return { data: rows, total };
}; };
const createUserDb = async (param) => { // Get user by ID
const insertData = { const getUserByIdDb = async (id) => {
tenant_id: param.tenantID, const queryText = `
user_fullname: param.userFullname, SELECT u.user_id, u.user_fullname, u.user_name, u.user_email, u.user_phone,
user_name: param.userName, u.is_active, u.created_at, u.updated_at, u.deleted_at,
user_email: param.userEmail ?? null, u.updated_by, u.deleted_by,
user_password: param.userPassword, r.role_id, r.role_name
role_id: param.roleId ?? null, FROM users u
is_active: param.isActive ? 1 : 0, LEFT JOIN roles r ON u.role_id = r.role_id
created_by: param.userID, WHERE u.user_id = $1 AND u.deleted_at IS NULL
updated_by: param.userID, `;
}; const result = await pool.query(queryText, [id]);
const { query, values } = pool.buildDynamicInsert("m_users", insertData);
const result = await pool.query(query, values);
return result.recordset[0]; return result.recordset[0];
}; };
const getUserByIdDb = async (id) => { // Get user by email (login)
const query = ` const getUserByUserEmailDb = async (email) => {
SELECT mut.* const queryText = `
FROM m_users mut SELECT u.user_id, u.user_fullname, u.user_name, u.user_email, u.user_phone,
WHERE mut.user_id = $1 u.user_password, u.is_active, u.is_sa,
r.role_id, r.role_name
FROM users u
LEFT JOIN roles r ON u.role_id = r.role_id
WHERE u.user_email = $1 AND u.deleted_at IS NULL
`; `;
const result = await pool.query(query, [id]); const result = await pool.query(queryText, [email]);
return result.recordset[0]; return result.recordset[0];
}; };
const getUserByUsernameDb = async (username) => { const getUserByUsernameDb = async (username) => {
const query = ` const queryText = `
SELECT mut.* SELECT u.user_id, u.user_fullname, u.user_name, u.user_email, u.user_phone, u.user_password,
FROM m_users mut u.is_active, u.role_id,
WHERE LOWER(mut.username) = LOWER($1) r.role_name
FROM users u
LEFT JOIN roles r ON u.role_id = r.role_id
WHERE u.user_name = $1 AND u.deleted_at IS NULL
`; `;
const result = await pool.query(query, [username]); const result = await pool.query(queryText, [username]);
return result.recordset[0]; return result.recordset[0];
}; };
const getUserByUserEmailDb = async (userEmail) => { // Create user
const query = ` const createUserDb = async (data) => {
SELECT mut.* const { query: queryText, values } = pool.buildDynamicInsert("users", data);
FROM m_users mut const result = await pool.query(queryText, values);
WHERE LOWER(mut.user_email) = LOWER($1) return result.recordset[0]?.inserted_id || null;
};
// Update user
const updateUserDb = async (userId, data) => {
const { query: queryText, values } = pool.buildDynamicUpdate("users", data, { user_id: userId });
await pool.query(queryText, values);
return true;
};
// Change user password
const changeUserPasswordDb = async (userId, newPassword) => {
const queryText = `
UPDATE users
SET user_password = $1, updated_at = GETDATE()
WHERE user_id = $2 AND deleted_at IS NULL
`; `;
const result = await pool.query(query, [userEmail]); await pool.query(queryText, [newPassword, userId]);
return result.recordset[0]; return true;
}; };
const updateUserDb = async (param) => { // Soft delete user
const updateData = { const deleteUserDb = async (userId, deletedBy) => {
tenant_id: param.tenantID, const queryText = `
user_fullname: param.userFullname, UPDATE users
user_name: param.userName, SET deleted_at = GETDATE(),
user_email: param.userEmail ?? null, deleted_by = $1
user_password: param.userPassword, WHERE user_id = $2
role_id: param.roleId ?? null,
is_active: param.isActive ? 1 : 0,
updated_by: param.userID,
};
const whereData = { user_id: param.id };
const { query, values } = pool.buildDynamicUpdate("m_users", updateData, whereData);
const result = await pool.query(query, values);
return result.recordset[0];
};
const deleteUserDb = async (id, userID) => {
const query = `
UPDATE m_users
SET deleted_at = GETDATE(), deleted_by = $1
WHERE user_id = $2;
SELECT * FROM m_users WHERE user_id = $2
`; `;
const result = await pool.query(query, [userID, id]); await pool.query(queryText, [deletedBy, userId]);
return result.recordset[0]; return true;
}; };
const changeUserPasswordDb = async (hashedPassword, userEmail, tenantId) => { // Get all roles
const query = ` const getAllRoleDb = async () => {
UPDATE m_users const queryText = `
SET user_password = $1 SELECT role_id, role_name
WHERE user_email = $2 AND tenant_id = $3 FROM roles
ORDER BY role_id ASC
`; `;
return pool.query(query, [hashedPassword, userEmail, tenantId]); const result = await pool.query(queryText);
};
const getAllRoleDb = async (tenantId) => {
const query = `
SELECT *
FROM system.role_tenant
WHERE deleted_at IS NULL AND tenant_id = $1
`;
const result = await pool.query(query, [tenantId]);
return result.recordset; return result.recordset;
}; };

36
helpers/authValidation.js Normal file
View File

@@ -0,0 +1,36 @@
const Joi = require('joi');
const registerSchema = Joi.object({
fullname: Joi.string().min(3).max(100).required(),
username: Joi.string().alphanum().min(3).max(50).required(),
email: Joi.string().email().required(),
phone: Joi.string()
.pattern(/^(?:\+62|0)8\d{7,10}$/)
.required()
.messages({
'string.pattern.base': 'Phone number must be a valid Indonesian number in format +628XXXXXXXXX'
}),
password: Joi.string()
.min(8)
.pattern(/[A-Z]/, 'uppercase letter')
.pattern(/[a-z]/, 'lowercase letter')
.pattern(/\d/, 'number')
.pattern(/[!@#$%^&*(),.?":{}|<>]/, 'special character')
.required()
.messages({
'string.min': 'Password must be at least 8 characters long',
'string.pattern.name': 'Password must contain at least one {#name}'
})
});
const loginSchema = Joi.object({
email: Joi.string().email().required(),
password: Joi.string().required(),
captcha: Joi.string().required(),
captchaText: Joi.string().required()
});
module.exports = {
registerSchema,
loginSchema
};

12
helpers/utils.js
View File

@@ -1,12 +1,12 @@
const setResponse = async (data = [], message = "success", statusCode = 200) => { const setResponse = (data = null, message = "success", statusCode = 200) => {
const response = { const total = Array.isArray(data) ? data.length : null;
return {
data, data,
total: data.length, total,
message, message,
statusCode statusCode
} };
return response
}; };
const setResponsePaging = async (data = [], total, limit, page, message = "success", statusCode = 200) => { const setResponsePaging = async (data = [], total, limit, page, message = "success", statusCode = 200) => {

9
helpers/validateUser.js
View File

@@ -1,9 +0,0 @@
const validateUser = (email, password) => {
const validEmail = typeof email === "string" && email.trim() !== "";
const validPassword =
typeof password === "string" && password.trim().length >= 6;
return validEmail && validPassword;
};
module.exports = validateUser;

84
middleware/verifyToken.js
View File

@@ -1,47 +1,57 @@
const jwt = require("jsonwebtoken"); const JWTService = require('../utils/jwt');
const { ErrorHandler } = require("../helpers/error"); const { ErrorHandler } = require('../helpers/error');
const verifyToken = (req, res, next) => { function setUser(req, decoded) {
const authHeader = req.header("Authorization"); req.user = {
// console.log("authHeader", authHeader) userId: decoded.user_id,
fullname: decoded.user_fullname,
// Pastikan header Authorization ada dan berisi token username: decoded.user_name,
if (!authHeader || !authHeader.startsWith("Bearer ")) { email: decoded.user_email,
throw new ErrorHandler(401, "Token missing or invalid"); roleId: decoded.role_id,
roleName: decoded.role_name
};
} }
// Ambil token dari header Authorization function verifyAccessToken(req, res, next) {
const token = authHeader.split(" ")[1];
try { try {
// const decoded = jwt.decode(token, { complete: true }); let token = req.cookies?.accessToken;
// console.log("decoded", decoded)
// console.log("==============================")
// console.log("token", token)
// console.log("process.env.SECRET", process.env.SECRET)
// // console.log("==============================> ", jwt.verify(token, process.env.SECRET))
// jwt.verify(token, process.env.SECRET, (err, decoded) => {
// if (err) {
// console.error('Error verifying token: ==============================>', err.message);
// } else {
// console.log('Decoded payload: ==============================>', decoded);
// }
// });
const verified = jwt.verify(token, process.env.SECRET); if (!token) {
req.tokenExtract = verified; const authHeader = req.headers.authorization;
// console.log(req.tokenExtract); if (!authHeader || !authHeader.startsWith('Bearer')) {
throw new ErrorHandler(401, 'Access Token is required');
}
token = authHeader.split(' ')[1];
}
req.userID = req.tokenExtract.user_id const decoded = JWTService.verifyToken(token);
req.tenantID = req.tokenExtract.tenant_id setUser(req, decoded);
req.roleID = req.tokenExtract.role_id
req.body.userID = req.tokenExtract.user_id
req.body.tenantID = req.tokenExtract.tenant_id
req.query.tenantID = req.tokenExtract.tenant_id
next(); next();
} catch (error) { } catch (error) {
throw new ErrorHandler(401, error.message || "Invalid Token"); if (error.name === 'TokenExpiredError' || error.name === 'JsonWebTokenError') {
return next(new ErrorHandler(401, error.message));
}
next(new ErrorHandler(500, 'Authenticate verification failed'));
}
} }
};
module.exports = verifyToken; function verifyRefreshToken(req, res, next) {
try {
const refreshToken = req.cookies?.refreshToken;
if (!refreshToken) {
throw new ErrorHandler(401, 'Refresh Token is required');
}
const decoded = JWTService.verifyRefreshToken(refreshToken);
setUser(req, decoded);
next();
} catch (error) {
next(new ErrorHandler(500, 'Refresh token verification failed'));
}
}
module.exports = {
verifyAccessToken,
verifyRefreshToken,
};

8
routes/auth.js
View File

@@ -1,8 +0,0 @@
const router = require("express").Router();
const {
loginUser,
} = require("../controllers/auth.controller");
router.post("/login", loginUser);
module.exports = router;

11
routes/auth.route.js Normal file
View File

@@ -0,0 +1,11 @@
const express = require('express');
const authController = require("../controllers/auth.controller");
const router = express.Router();
router.post('/login', authController.login);
router.post('/register', authController.register);
router.get('/generate-captcha', authController.generateCaptcha);
// router.post('/verify-captcha', authController.verifyCaptcha);
module.exports = router;

6
routes/index.js
View File

@@ -1,8 +1,8 @@
const router = require("express").Router(); const router = require("express").Router();
const auth = require("./auth"); const auth = require("./auth.route");
const users = require("./users"); const users = require("./users.route");
router.use("/auth", auth); router.use("/auth", auth);
router.use("/users", users); router.use("/user", users);
module.exports = router; module.exports = router;

15
routes/users.js → routes/users.route.js
View File

@@ -14,20 +14,19 @@ const verifyToken = require("../middleware/verifyToken");
router.get("/roles", getAllRoles); router.get("/roles", getAllRoles);
router.route("/profile") router.get('/profile', verifyToken.verifyAccessToken, getUserProfile);
.get(getUserProfile);
router.route("/") router.route("/")
.get(verifyToken, getAllUsers) .get(verifyToken.verifyAccessToken, getAllUsers)
.post(verifyToken, createUser); .post(verifyToken.verifyAccessToken, createUser);
router router
.route("/status") .route("/status")
.get(verifyToken, getAllStatusUsers); .get(verifyToken.verifyAccessToken, getAllStatusUsers);
router.route("/:id") router.route("/:id")
.get(verifyToken, getUserById) .get(verifyToken.verifyAccessToken, getUserById)
.put(verifyToken, updateUser) .put(verifyToken.verifyAccessToken, updateUser)
.delete(verifyToken, deleteUser); .delete(verifyToken.verifyAccessToken, deleteUser);
module.exports = router; module.exports = router;

148
services/auth.service.js
View File

@@ -1,77 +1,101 @@
const bcrypt = require("bcrypt");
const jwt = require("jsonwebtoken");
const validateUser = require("../helpers/validateUser");
const { ErrorHandler } = require("../helpers/error");
const { const {
getUserByUsernameDb getUserByUserEmailDb,
} = require("../db/user.db"); createUserDb
const { logger } = require("../utils/logger"); } = require('../db/user.db');
const JWTService = require('../utils/jwt');
const { hashPassword, comparePassword } = require('../helpers/hashPassword');
const { ErrorHandler } = require('../helpers/error');
class AuthService { class AuthService {
async login(username, password, tenantId) { // Register
try { static async register({ fullname, username, email, phone, password }) {
// if (!validateUser(username, password)) { const existingUser = await getUserByUserEmailDb(email);
// throw new ErrorHandler(403, "Invalid login"); if (existingUser) {
// } throw new ErrorHandler(400, 'Email already registered');
const user = await getUserByUsernameDb(username, tenantId);
console.log(user);
if (!user) {
throw new ErrorHandler(403, "Username not found.");
} }
const isCorrectPassword = password === user.password const hashedPassword = await hashPassword(password);
if (!isCorrectPassword) {
throw new ErrorHandler(403, "Username or password incorrect.");
}
const dataToken = { const userId = await createUserDb({
tenant_id: tenantId, user_fullname: fullname,
user_id: user.user_id, user_name: username,
username, user_email: email,
fullname: user.full_name, user_phone: phone,
role_id: user.role_id user_password: hashedPassword,
} role_id: 3,
is_sa: 0,
is_active: 1
});
const token = await this.signToken(dataToken); // ambil user baru
const refreshToken = await this.signRefreshToken(dataToken); const newUser = {
user_id: userId,
return { user_fullname: fullname,
token, user_name: username,
refreshToken, user_email: email,
role_id: dataToken.role_id, user_phone: phone,
tenant_id: tenantId, role_id: 3,
user: {
user_id: dataToken.user_id,
fullname: dataToken.fullname,
username: dataToken.username,
},
}; };
} catch (error) {
throw new ErrorHandler(error.statusCode, error.message); // generate token pair
} const tokens = JWTService.generateTokenPair(newUser);
return { user: newUser, tokens };
} }
async signToken(data) { // Login
try { static async login({ email, password }) {
// console.log("signToken process.env.SECRET", process.env.SECRET) const user = await getUserByUserEmailDb(email);
return jwt.sign(data, process.env.SECRET, { expiresIn: "23h" }); if (!user) {
} catch (error) { throw new ErrorHandler(401, 'Invalid credentials');
logger.error(error);
throw new ErrorHandler(500, "An error occurred");
}
} }
async signRefreshToken(data) { const passwordMatch = await comparePassword(password, user.user_password);
try { if (!passwordMatch) {
return jwt.sign(data, process.env.REFRESH_SECRET, { expiresIn: "23h" }); throw new ErrorHandler(401, 'Invalid credentials');
} catch (error) {
logger.error(error);
throw new ErrorHandler(500, error.message);
}
}
} }
module.exports = new AuthService(); if (!user.is_active) {
throw new ErrorHandler(403, 'User is inactive');
}
const payload = {
user_id: user.user_id,
user_fullname: user.user_fullname,
user_name: user.user_name,
user_email: user.user_email,
phone: user.phone,
role_id: user.role_id,
role_name: user.role_name,
is_sa: user.is_sa
};
const tokens = JWTService.generateTokenPair(payload);
return { user: payload, tokens };
}
// Refresh token
static async refreshToken(refreshToken) {
if (!refreshToken) {
throw new ErrorHandler(401, 'Refresh token is required');
}
const decoded = JWTService.verifyRefreshToken(refreshToken);
const payload = {
user_id: decoded.user_id,
user_fullname: decoded.user_fullname,
user_name: decoded.user_name,
user_email: decoded.user_email,
role_id: decoded.role_id,
role_name: decoded.role_name
};
const accessToken = JWTService.generateAccessToken(payload);
return { accessToken, tokenType: 'Bearer', expiresIn: 900 };
}
}
module.exports = AuthService;

8
utils/captcha.js Normal file
View File

@@ -0,0 +1,8 @@
const svgCaptcha = require('svg-captcha');
function createCaptcha() {
const captcha = svgCaptcha.create({ size: 5, noise: 2, color: true });
return { svg: captcha.data, text: captcha.text };
}
module.exports = { createCaptcha };

81
utils/jwt.js Normal file
View File

@@ -0,0 +1,81 @@
const jwt = require('jsonwebtoken');
const crypto = require('crypto');
const tokenSettings = {
access: {
expiresIn: '15m',
type: 'access',
secret: process.env.SECRET
},
refresh: {
expiresIn: '7d',
type: 'refresh',
secret: process.env.REFRESH_SECRET
}
};
function generateTokenId() {
return crypto.randomBytes(32).toString('hex');
}
function generateToken(payload, type) {
const settings = tokenSettings[type];
if (!settings) throw new Error(`Invalid token type: ${type}`);
const tokenPayload = { ...payload, type: settings.type };
return jwt.sign(tokenPayload, settings.secret, {
expiresIn: settings.expiresIn,
jwtid: generateTokenId()
});
}
function verifyTokenType(token, type) {
const settings = tokenSettings[type];
try {
const decoded = jwt.verify(token, settings.secret);
if (decoded.type !== type) throw new Error('Invalid token type');
return decoded;
} catch (error) {
if (error.name === 'TokenExpiredError') throw new Error(`${type} token has expired`);
if (error.name === 'JsonWebTokenError') throw new Error(`Invalid ${type} token`);
throw error;
}
}
function generateAccessToken(payload) {
return generateToken(payload, 'access');
}
function generateRefreshToken(payload) {
return generateToken(payload, 'refresh');
}
function verifyToken(token) {
return verifyTokenType(token, 'access');
}
function verifyRefreshToken(token) {
return verifyTokenType(token, 'refresh');
}
function generateTokenPair(payload) {
const accessToken = generateAccessToken(payload);
const refreshToken = generateRefreshToken(payload);
return {
accessToken,
refreshToken,
tokenType: 'Bearer',
expiresIn: 900,
refreshExpiresIn: 604800
};
}
module.exports = {
generateAccessToken,
generateRefreshToken,
verifyToken,
verifyRefreshToken,
generateTokenPair,
};