From cfb09f9fe38199ae57d2e44679049de9f6888dc3 Mon Sep 17 00:00:00 2001
From: njxue
Date: Tue, 12 Nov 2024 22:54:59 +0800
Subject: [PATCH] Fix auth

---
 backend/user-service/.env.example | 7 ++++++-
 backend/user-service/config/authConfig.js | 6 +++---
 frontend/src/infrastructure/Api/BaseApi.ts | 13 +++++++++----
 3 files changed, 18 insertions(+), 8 deletions(-)

diff --git a/backend/user-service/.env.example b/backend/user-service/.env.example
index 84d9052720..80082f86cc 100644
--- a/backend/user-service/.env.example
+++ b/backend/user-service/.env.example
@@ -47,4 +47,9 @@ SMTP_PASSWORD=scdqcveqpurzzajj
 APP_URL=http://localhost:3000
 
 # Feature flags
-DEFAULT_ADMIN_ON_REGISTER_FEATURE=true
\ No newline at end of file
+DEFAULT_ADMIN_ON_REGISTER_FEATURE=true
+
+ # Token expiry duration
+JWT_ACCESS_TOKEN_EXPIRY="1d"
+JWT_REFRESH_TOKEN_EXPIRY="7d"
+JWT_RESET_TOKEN_EXPIRY="15m"
\ No newline at end of file
diff --git a/backend/user-service/config/authConfig.js b/backend/user-service/config/authConfig.js
index 39399c8369..c67d468def 100644
--- a/backend/user-service/config/authConfig.js
+++ b/backend/user-service/config/authConfig.js
@@ -4,13 +4,13 @@ dotenv.config();
 
 export const jwtConfig = {
 refreshTokenOptions: {
- expiresIn: process.env.ENV === "production" ? "7d" : "1d", // Shorter duration in dev for testing
+ expiresIn: process.env.JWT_REFRESH_TOKEN_EXPIRY
 },
 accessTokenOptions: {
- expiresIn: process.env.ENV === "production" ? "15m" : "30s", // Shorter duration in dev for testing
+ expiresIn: process.env.JWT_ACCESS_TOKEN_EXPIRY
 },
 resetTokenOptions: {
- expiresIn: "15m",
+ expiresIn: process.env.JWT_RESET_TOKEN_EXPIRY,
 },
 accessTokenSecret: process.env.JWT_ACCESS_TOKEN_SECRET,
 refreshTokenSecret: process.env.JWT_REFRESH_TOKEN_SECRET,
diff --git a/frontend/src/infrastructure/Api/BaseApi.ts b/frontend/src/infrastructure/Api/BaseApi.ts
index 14c31fb5a1..594645aeda 100644
--- a/frontend/src/infrastructure/Api/BaseApi.ts
+++ b/frontend/src/infrastructure/Api/BaseApi.ts
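Review bot: The new sample value `JWT_ACCESS_TOKEN_EXPIRY="1d"` is far longer than the `15m` production default that the authConfig.js hunk of this same patch removes, so anyone who copies this file as-is will issue bearer tokens that remain usable for a day after logout or theft; since the 7d refresh token already provides session continuity, keep the access token short — `JWT_ACCESS_TOKEN_EXPIRY="15m"`. Separately, the context line `SMTP_PASSWORD=scdqcveqpurzzajj` in a committed `.env.example` looks like a real app password rather than a placeholder; if it is, it should be rotated and replaced with something like `SMTP_PASSWORD=changeme`. The surrounding double quotes are harmless as long as the loader (dotenv here, per authConfig.js) strips them, which it does for simple values like these.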
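Review bot: The three `expiresIn` values now come straight from `process.env` with no fallback, so a deployment that is missing any of the new variables hands `expiresIn: undefined` to the signer; depending on the JWT library that either throws on every sign call (an outage at first login) or, worse, mints a token with no `exp` claim at all. Keep the previous production values as defaults and treat an empty string like unset: `expiresIn: process.env.JWT_REFRESH_TOKEN_EXPIRY || "7d"`, `expiresIn: process.env.JWT_ACCESS_TOKEN_EXPIRY || "15m"`, `expiresIn: process.env.JWT_RESET_TOKEN_EXPIRY || "15m"`. If a misconfiguration should instead be fatal, validate the three variables right after `dotenv.config()` and throw a descriptive error at startup rather than at the first login. A minor inconsistency: the first two replaced lines dropped the trailing comma while the reset-token line kept it. The `jwtConfig` object continues past the end of the hunk.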
@@ -21,7 +21,7 @@ export class BaseApi {
 baseURL: API_URL + baseUrl,
 timeout: 10000,
 headers: {
- "Content-Type": "application/json",
+ "Content-Type": "application/json"
 },
 withCredentials: true
 });
@@ -42,21 +42,26 @@ export class BaseApi {
 
 private setUpResponseInterceptors(axiosInstance: AxiosInstance): number {
 return axiosInstance.interceptors.response.use(
- (response: AxiosResponse) => response,
+ (response: AxiosResponse) => {
+ return response;
+ },
 async (err: AxiosError) => {
 const prevRequest = err?.config;
 if (prevRequest && err?.response?.status === 401) {
 try {
 // Eject to prevent infinite loop
- this.protectedAxiosInstance.interceptors.response.eject(this.protectedResponseInterceptorId);
 const newAccessToken = await userUseCases.refreshToken();
 prevRequest.headers["Authorization"] = `Bearer ${newAccessToken}`;
- AuthClientStore.setAccessToken(newAccessToken);
+ if (newAccessToken) {
+ AuthClientStore.setAccessToken(newAccessToken);
+ }
 return this.protectedAxiosInstance(prevRequest);
 } catch (error) {
 // Refresh token expired/invalid
 console.error(error);
 return Promise.reject(error);
+ } finally {
+ this.protectedAxiosInstance.interceptors.response.eject(this.protectedResponseInterceptorId);
 }
 }
 return Promise.reject(err);
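Review bot: The new `if (newAccessToken)` guard only protects `AuthClientStore.setAccessToken`; the line just above it still writes `Bearer ${newAccessToken}` into the header unconditionally and the request is still retried, so a refresh that resolves without a token re-sends the request as `Bearer undefined` instead of failing. Reject as soon as the refresh yields nothing, and only then set the header, store the token and retry (rewritten lines below). Moving the eject into `finally` also changes when it takes effect: it now runs after `this.protectedAxiosInstance(prevRequest)` has already been invoked, so as far as I can tell the retried request still carries this handler and a second 401 triggers a second `refreshToken()` before the interceptor is gone, which means the `// Eject to prevent infinite loop` comment now sits above a line that does no such thing. A per-request marker on `prevRequest` (e.g. set `_retry` and return `Promise.reject(err)` when it is already set) would bound the loop without permanently removing the interceptor, which nothing in this hunk re-registers. `setUpResponseInterceptors` continues past the end of the hunk.
```typescript
const newAccessToken = await userUseCases.refreshToken();
if (!newAccessToken) {
  // Refresh resolved without a token: fail the original request rather than
  // retrying it with "Bearer undefined".
  return Promise.reject(err);
}
prevRequest.headers["Authorization"] = `Bearer ${newAccessToken}`;
AuthClientStore.setAccessToken(newAccessToken);
return this.protectedAxiosInstance(prevRequest);
// … unchanged: catch / finally …
```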