yogiedigital/cod-api
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: yogiedigital:ec81b4b31120e5114aab46636998c8654750bc3c
Branches Tags
yogiedigital:main yogiedigital:wisdom
..
compare: yogiedigital:fe5241a1e1c65cec197faf66dc1b5f1ae84d9bbf
Branches Tags
yogiedigital:main yogiedigital:wisdom

4 Commits
ec81b4b311 ... fe5241a1e1

Author SHA1 Message Date
Antony Kurniawan
fe5241a1e1 fix: refresh token 2025-10-02 15:40:09 +07:00
Antony Kurniawan
8375c0c2f2 update: response error 2025-10-02 15:39:56 +07:00
Antony Kurniawan
1987508887 fix: cookie dev 2025-10-02 15:39:26 +07:00
Antony Kurniawan
f4580c42ee update: verifytoken 2025-10-02 15:39:08 +07:00
4 changed files with 34 additions and 27 deletions
Expand all files Collapse all files

17
controllers/auth.controller.js
View File

@@ -29,8 +29,8 @@ class AuthController {
// Set refresh token in cookie // Set refresh token in cookie
res.cookie('refreshToken', tokens.refreshToken, { res.cookie('refreshToken', tokens.refreshToken, {
httpOnly: true, httpOnly: true,
secure: process.env.NODE_ENV === 'production', secure: false, //masih dev
sameSite: 'strict', sameSite: 'lax',
maxAge: 7 * 24 * 60 * 60 * 1000 // 7 hari maxAge: 7 * 24 * 60 * 60 * 1000 // 7 hari
}); });
@@ -71,8 +71,8 @@ class AuthController {
// Set refresh token in cookie // Set refresh token in cookie
res.cookie('refreshToken', tokens.refreshToken, { res.cookie('refreshToken', tokens.refreshToken, {
httpOnly: true, httpOnly: true,
secure: process.env.NODE_ENV === 'production', secure: false, // masih dev
sameSite: 'strict', sameSite: 'lax',
maxAge: 7 * 24 * 60 * 60 * 1000 // 7 hari maxAge: 7 * 24 * 60 * 60 * 1000 // 7 hari
}); });
@@ -98,8 +98,9 @@ class AuthController {
return res.status(200).json(setResponse(result, 'Token refreshed successfully', 200)); return res.status(200).json(setResponse(result, 'Token refreshed successfully', 200));
} catch (err) { } catch (err) {
return res.status(err.statusCode || 500).json( const status = err.statusCode && err.statusCode < 500 ? err.statusCode : 401;
setResponse(null, err.message || 'Refresh token failed', err.statusCode || 500) return res.status(status).json(
setResponse(null, err.message || 'Refresh token invalid', status)
); );
} }
} }
@@ -109,8 +110,8 @@ class AuthController {
try { try {
res.clearCookie('refreshToken', { res.clearCookie('refreshToken', {
httpOnly: true, httpOnly: true,
secure: process.env.NODE_ENV === 'production', sameSite: 'none',
sameSite: 'strict', secure: true
}); });
return res.status(200).json(setResponse(null, 'Logged out successfully', 200)); return res.status(200).json(setResponse(null, 'Logged out successfully', 200));
} catch (err) { } catch (err) {

11
middleware/verifyToken.js
View File

@@ -29,10 +29,15 @@ function verifyAccessToken(req, res, next) {
setUser(req, decoded); setUser(req, decoded);
next(); next();
} catch (error) { } catch (error) {
if (error.name === 'TokenExpiredError' || error.name === 'JsonWebTokenError') { if (error.name === 'TokenExpiredError') {
return next(new ErrorHandler(401, error.message)); return next(new ErrorHandler(401, 'Access token expired'));
} }
next(new ErrorHandler(500, 'Authenticate verification failed'));
if (error.name === 'JsonWebTokenError') {
return next(new ErrorHandler(401, 'Invalid access token'));
}
return next(new ErrorHandler(500, 'Internal authentication error'));
} }
} }

19
services/auth.service.js
View File

@@ -76,17 +76,22 @@ class AuthService {
// Refresh Token // Refresh Token
static async refreshToken(refreshToken) { static async refreshToken(refreshToken) {
if (!refreshToken) { if (!refreshToken) throw new ErrorHandler(401, 'Refresh token is required');
throw new ErrorHandler(401, 'Refresh token is required');
}
const decoded = JWTService.verifyRefreshToken(refreshToken); let decoded;
try {
decoded = JWTService.verifyRefreshToken(refreshToken);
} catch (err) {
if (err.message.includes('expired')) throw new ErrorHandler(401, 'Refresh token expired');
throw new ErrorHandler(401, 'Invalid refresh token');
}
const payload = { const payload = {
user_id: decoded.user_id, user_id: decoded.user_id,
user_fullname: decoded.user_fullname, user_fullname: decoded.user_fullname,
user_name: decoded.user_name, user_name: decoded.user_name,
user_email: decoded.user_email, user_email: decoded.user_email,
user_phone: decoded.user_phone,
role_id: decoded.role_id, role_id: decoded.role_id,
role_name: decoded.role_name, role_name: decoded.role_name,
is_sa: decoded.is_sa is_sa: decoded.is_sa
@@ -94,7 +99,11 @@ class AuthService {
const accessToken = JWTService.generateAccessToken(payload); const accessToken = JWTService.generateAccessToken(payload);
return { accessToken, tokenType: 'Bearer', expiresIn: 900 }; return {
accessToken,
tokenType: 'Bearer',
expiresIn: 900
};
} }
} }

14
utils/jwt.js
View File

@@ -32,15 +32,9 @@ function generateToken(payload, type) {
function verifyTokenType(token, type) { function verifyTokenType(token, type) {
const settings = tokenSettings[type]; const settings = tokenSettings[type];
try { const decoded = jwt.verify(token, settings.secret);
const decoded = jwt.verify(token, settings.secret); if (decoded.type !== type) throw new Error('Invalid token type');
if (decoded.type !== type) throw new Error('Invalid token type'); return decoded;
return decoded;
} catch (error) {
if (error.name === 'TokenExpiredError') throw new Error(`${type} token has expired`);
if (error.name === 'JsonWebTokenError') throw new Error(`Invalid ${type} token`);
throw error;
}
} }
function generateAccessToken(payload) { function generateAccessToken(payload) {
@@ -67,8 +61,6 @@ function generateTokenPair(payload) {
accessToken, accessToken,
refreshToken, refreshToken,
tokenType: 'Bearer', tokenType: 'Bearer',
expiresIn: 900,
refreshExpiresIn: 604800
}; };
} }