Skip to content

Fix auth #120

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Nov 12, 2024
Merged

Fix auth #120

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 6 additions & 1 deletion backend/user-service/.env.example
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,4 +47,9 @@ SMTP_PASSWORD=scdqcveqpurzzajj
APP_URL=http://localhost:3000

# Feature flags
DEFAULT_ADMIN_ON_REGISTER_FEATURE=true
DEFAULT_ADMIN_ON_REGISTER_FEATURE=true

# Token expiry duration
JWT_ACCESS_TOKEN_EXPIRY="1d"
JWT_REFRESH_TOKEN_EXPIRY="7d"
JWT_RESET_TOKEN_EXPIRY="15m"
6 changes: 3 additions & 3 deletions backend/user-service/config/authConfig.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,13 +4,13 @@ dotenv.config();

export const jwtConfig = {
refreshTokenOptions: {
expiresIn: process.env.ENV === "production" ? "7d" : "1d", // Shorter duration in dev for testing
expiresIn: process.env.JWT_REFRESH_TOKEN_EXPIRY
},
accessTokenOptions: {
expiresIn: process.env.ENV === "production" ? "15m" : "30s", // Shorter duration in dev for testing
expiresIn: process.env.JWT_ACCESS_TOKEN_EXPIRY
},
resetTokenOptions: {
expiresIn: "15m",
expiresIn: process.env.JWT_RESET_TOKEN_EXPIRY,
},
accessTokenSecret: process.env.JWT_ACCESS_TOKEN_SECRET,
refreshTokenSecret: process.env.JWT_REFRESH_TOKEN_SECRET,
Expand Down
13 changes: 9 additions & 4 deletions frontend/src/infrastructure/Api/BaseApi.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ export class BaseApi {
baseURL: API_URL + baseUrl,
timeout: 10000,
headers: {
"Content-Type": "application/json",
"Content-Type": "application/json"
},
withCredentials: true
});
Expand All @@ -42,21 +42,26 @@ export class BaseApi {

private setUpResponseInterceptors(axiosInstance: AxiosInstance): number {
return axiosInstance.interceptors.response.use(
(response: AxiosResponse) => response,
(response: AxiosResponse) => {
return response;
},
async (err: AxiosError) => {
const prevRequest = err?.config;
if (prevRequest && err?.response?.status === 401) {
try {
// Eject to prevent infinite loop
this.protectedAxiosInstance.interceptors.response.eject(this.protectedResponseInterceptorId);
const newAccessToken = await userUseCases.refreshToken();
prevRequest.headers["Authorization"] = `Bearer ${newAccessToken}`;
AuthClientStore.setAccessToken(newAccessToken);
if (newAccessToken) {
AuthClientStore.setAccessToken(newAccessToken);
}
return this.protectedAxiosInstance(prevRequest);
} catch (error) {
// Refresh token expired/invalid
console.error(error);
return Promise.reject(error);
} finally {
this.protectedAxiosInstance.interceptors.response.eject(this.protectedResponseInterceptorId);
}
}
return Promise.reject(err);
Expand Down
Loading