feat: refresh token

hi02102002 · hi02102002 · commit 72d47d36834e · 2024-03-05T22:06:01.000+07:00
diff --git a/client/src/app.tsx b/client/src/app.tsx
@@ -19,6 +19,7 @@ import { AppLayout, AuthLayout, SettingLayout } from '@/components/layouts';
 import { TChannelQuery } from './types/channel';
 import { queryStringToObject } from './utils';
 import { queryChannelsOption } from './lib/query-options/channel';
+import { ROUTES } from './constants';
 
 export const router = createBrowserRouter([
    {
@@ -41,20 +42,20 @@ export const router = createBrowserRouter([
             Component: AuthLayout,
             children: [
                {
-                  path: '/login',
+                  path: ROUTES.AUTH.LOGIN,
                   Component: Login,
                   index: true,
                },
                {
-                  path: '/register',
+                  path: ROUTES.AUTH.REGISTER,
                   Component: Register,
                },
                {
-                  path: '/forgot-password',
+                  path: ROUTES.AUTH.FORGOT_PASS,
                   Component: ForgotPassword,
                },
                {
-                  path: '/set-password',
+                  path: ROUTES.AUTH.RESET_PASS,
                   Component: SetPassword,
                },
             ],
@@ -71,7 +72,7 @@ export const router = createBrowserRouter([
                });
 
                if (!user) {
-                  return redirect(`/login?${url.toString()}`);
+                  return redirect(`${ROUTES.AUTH.LOGIN}?${url.toString()}`);
                }
 
                useUserStore.getState().setUser(user);
@@ -80,14 +81,14 @@ export const router = createBrowserRouter([
             },
             children: [
                {
-                  path: '/dashboard',
+                  path: ROUTES.PRIVATE.DASHBOARD,
                   index: true,
                   loader: async () => {
-                     return redirect('/chatbots');
+                     return redirect(ROUTES.PRIVATE.CHAT_BOT.INDEX);
                   },
                },
                {
-                  path: '/chatbots',
+                  path: ROUTES.PRIVATE.CHAT_BOT.INDEX,
                   element: <div>a</div>,
                   loader: () => {
                      useAppLayoutStore
@@ -98,7 +99,7 @@ export const router = createBrowserRouter([
                   },
                },
                {
-                  path: '/channels',
+                  path: ROUTES.PRIVATE.CHANNEL.INDEX,
                   Component: Channels,
                   loader: async ({ request }) => {
                      const query: TChannelQuery = queryStringToObject(
@@ -117,7 +118,7 @@ export const router = createBrowserRouter([
                   },
                },
                {
-                  path: '/settings',
+                  path: ROUTES.PRIVATE.SETTING.INDEX,
                   Component: SettingLayout,
                   loader: async () => {
                      const data =
@@ -132,25 +133,25 @@ export const router = createBrowserRouter([
                   },
                   children: [
                      {
-                        path: 'mail',
+                        path: ROUTES.PRIVATE.SETTING.MAIL,
                         Component: Mail,
                      },
                      {
-                        path: 'profiles',
+                        path: ROUTES.PRIVATE.SETTING.PROFILES,
                         Component: Profiles,
                      },
                      {
                         index: true,
                         loader: async () => {
-                           return redirect('/settings/profiles');
+                           return redirect(ROUTES.PRIVATE.SETTING.PROFILES);
                         },
                      },
                   ],
                },
             ],
          },
          {
-            path: '/',
+            path: ROUTES.PUBLIC.LANDING_PAGE,
             element: <div>Hi</div>,
          },
       ],
diff --git a/client/src/components/forms/channel.tsx b/client/src/components/forms/channel.tsx
@@ -41,7 +41,10 @@ const ChannelForm = ({
    const form = useForm<TChannelInput>({
       resolver: zodResolver(schema),
       mode: 'onChange',
-      defaultValues,
+      defaultValues: {
+         active: true,
+         ...defaultValues,
+      },
    });
    const { data: types } = useQuery(queryChannelTypesOption);
 
diff --git a/client/src/components/forms/setting-mail.tsx b/client/src/components/forms/setting-mail.tsx
@@ -61,6 +61,7 @@ export const SettingMailForm = ({
                            <Input
                               {...field}
                               placeholder={t('email.placeholder')}
+                              autoComplete="one-time-code"
                            />
                         </FormControl>
                         <FormMessage />
@@ -80,6 +81,7 @@ export const SettingMailForm = ({
                               {...field}
                               placeholder={t('password.placeholder')}
                               type="password"
+                              autoComplete="one-time-code"
                            />
                         </FormControl>
                         <FormMessage />
diff --git a/client/src/constants/index.ts b/client/src/constants/index.ts
@@ -31,3 +31,31 @@ export const ENDPOINTS = {
       TYPES: '/channel/types',
    },
 };
+
+export const ROUTES = {
+   AUTH: {
+      LOGIN: '/login',
+      REGISTER: '/register',
+      FORGOT_PASS: '/forgot-password',
+      RESET_PASS: '/set-password',
+   },
+   PUBLIC: {
+      LANDING_PAGE: '/',
+   },
+   PRIVATE: {
+      DASHBOARD: '/dashboard',
+      CHANNEL: {
+         INDEX: '/channels',
+         CREATE: '/channels/create',
+         EDIT: '/channels/edit',
+      },
+      CHAT_BOT: {
+         INDEX: '/chatbots',
+      },
+      SETTING: {
+         INDEX: '/settings',
+         MAIL: '/settings/email',
+         PROFILES: '/settings/profiles',
+      },
+   },
+};
diff --git a/client/src/lib/http-client.ts b/client/src/lib/http-client.ts
@@ -1,3 +1,5 @@
+import { auth } from '@/apis/auth';
+import { ROUTES } from '@/constants';
 import { ELang } from '@/types/share';
 import axios from 'axios';
 
@@ -27,7 +29,36 @@ http_client.interceptors.response.use(
    function (response) {
       return response.data;
    },
-   function (error) {
+   async function (error) {
+      const originalRequest = error.config;
+
+      if (
+         Object.values(ROUTES.AUTH).some((route) =>
+            window.location.pathname.includes(route)
+         )
+      ) {
+         return Promise.reject(error);
+      }
+
+      if (error.response?.status === 401 && !originalRequest._retry) {
+         try {
+            originalRequest._retry = true;
+
+            const tokens = await auth.refreshToken().then((r) => {
+               return r.data;
+            });
+
+            http_client.defaults.headers.common['Authorization'] =
+               `Bearer ${tokens?.accessToken}`;
+
+            return http_client(originalRequest);
+         } catch (error) {
+            const prevHref = window.location.href;
+            window.location.href = `/login?redirect=${prevHref}`;
+            return Promise.reject(error);
+         }
+      }
+
       return Promise.reject(error);
    }
 );
diff --git a/client/src/lib/schema/channel.ts b/client/src/lib/schema/channel.ts
@@ -1,10 +1,13 @@
 import { channelApi } from '@/apis/channel';
 import { ChannelType } from '@/types/channel';
+import { useQuery } from '@tanstack/react-query';
 import { useTranslation } from 'react-i18next';
 import * as z from 'zod';
+import { queryChannelTypesOption } from '../query-options/channel';
 
 export const useChannelSchema = () => {
    const { t } = useTranslation('forms');
+   const { data: types } = useQuery(queryChannelTypesOption);
 
    return z
       .object({
@@ -33,9 +36,11 @@ export const useChannelSchema = () => {
       })
       .superRefine(async (data, ctx) => {
          if (data.credentials) {
-            const type = await channelApi
-               .getChannelType(data.channelTypeId)
-               .then((r) => r.data);
+            const type = types?.find((type) => type.id === data.channelTypeId);
+
+            if (!type) {
+               return;
+            }
 
             switch (type.name) {
                case ChannelType.MESSENGER:
diff --git a/server/src/constants/index.ts b/server/src/constants/index.ts
@@ -1,9 +1,9 @@
 export const MIN_PASSWORD_LENGTH = 8;
 export const MAX_PASSWORD_LENGTH = 32;
 export const MAX_ID_LENGTH = 36;
-export const TIME_EXPIRED_REFRESH_TOKEN = 60 * 60 * 24 * 30;
-export const TIME_EXPIRED_RESET_PASSWORD_TOKEN = 60 * 60 * 24;
-export const TIME_EXPIRED_ACCESS_TOKEN = 60 * 60 * 24;
+export const TIME_EXPIRED_REFRESH_TOKEN = 60 * 60 * 24 * 7; // 7 days
+export const TIME_EXPIRED_RESET_PASSWORD_TOKEN = 60 * 60 * 2; // 2 hours
+export const TIME_EXPIRED_ACCESS_TOKEN = 60;
 
 // QUEUE KEY
 export const QUEUE_KEYS = {
diff --git a/server/src/controllers/auth.controller.ts b/server/src/controllers/auth.controller.ts
@@ -100,8 +100,7 @@ export class AuthController {
    });
 
    public logout = catchAsync(async (req: RequestWithUser, res) => {
-
-      await this.authService.logout(req.user?.id as string)
+      await this.authService.logout(req.user?.id as string);
 
       this.clearTokensCookie(res);
 
@@ -129,7 +128,7 @@ export class AuthController {
    };
 
    private clearTokensCookie = (res: Response) => {
-      res.clearCookie('access_token',);
+      res.clearCookie('access_token');
       res.clearCookie('refresh_token');
    };
 }
diff --git a/server/src/middlewares/auth.middleware.ts b/server/src/middlewares/auth.middleware.ts
@@ -18,7 +18,7 @@ const getAuthorization = (req: Request): string | null => {
    return null;
 };
 
-export const auth = async (
+export const authMiddleware = async (
    req: RequestWithUser,
    res: Response,
    next: NextFunction
@@ -28,8 +28,6 @@ export const auth = async (
       const authService = Container.get(AuthService);
       const Authorization = getAuthorization(req);
 
-
-
       if (Authorization) {
          const { id } = (await authService.verifyToken(
             Authorization,
@@ -52,7 +50,7 @@ export const auth = async (
       } else {
          next(
             new HttpException(
-               StatusCodes.BAD_REQUEST,
+               StatusCodes.UNAUTHORIZED,
                'Token đăng nhập không tồn tại'
             )
          );
diff --git a/server/src/middlewares/decrypt.middleware.ts b/server/src/middlewares/decrypt.middleware.ts
@@ -1,6 +1,11 @@
 import { decrypt } from '@/utils/crypto';
+import { NextFunction, Request, Response } from 'express';
 
-export const decryptMiddleware = (req, res, next) => {
+export const decryptMiddleware = (
+   req: Request,
+   _res: Response,
+   next: NextFunction
+) => {
    if (req.body?.encrypted) {
       req.body = JSON.parse(decrypt(req.body.encrypted));
    }
diff --git a/server/src/routes/auth.route.ts b/server/src/routes/auth.route.ts
@@ -6,7 +6,7 @@ import {
    RegisterDto,
    ResetPasswordDto,
 } from '@/dtos/auth.dto';
-import { auth } from '@/middlewares/auth.middleware';
+import { authMiddleware } from '@/middlewares/auth.middleware';
 import { validate } from '@/middlewares/validation.middleware';
 import { AuthController } from '@controllers/auth.controller';
 import type { Routes } from '@interfaces/routes.interface';
@@ -64,16 +64,14 @@ export class AuthRoute implements Routes {
 
       this.router.get(
          ENDPOINTS.AUTH.CURRENT_USER,
-         auth,
+         authMiddleware,
          this.controller.getCurrentUser
       );
 
       this.router.post(
          ENDPOINTS.AUTH.LOGOUT,
-         auth,
+         authMiddleware,
          this.controller.logout
       );
-
-
    }
 }
diff --git a/server/src/routes/channels.route.ts b/server/src/routes/channels.route.ts
@@ -2,10 +2,11 @@ import { ENDPOINTS } from '@/constants';
 import { ChannelController } from '@/controllers/channels.controller';
 import { ChannelDTO, DeleteChannelDTO } from '@/dtos/channels.dto';
 import { PagingDTO } from '@/dtos/paging.dto';
-import { auth } from '@/middlewares/auth.middleware';
+import { authMiddleware } from '@/middlewares/auth.middleware';
 import { validate } from '@/middlewares/validation.middleware';
 import type { Routes } from '@interfaces/routes.interface';
 import { Router } from 'express';
+
 export class ChannelRoute implements Routes {
    public router: Router = Router();
    public controller = new ChannelController();
@@ -17,34 +18,34 @@ export class ChannelRoute implements Routes {
       this.router.post(
          ENDPOINTS.CHANNEL.INDEX,
          validate(ChannelDTO, 'body'),
-         auth,
+         authMiddleware,
          this.controller.createChannel
       );
 
       this.router.put(
          `${ENDPOINTS.CHANNEL.INDEX}/:id`,
          validate(ChannelDTO, 'body'),
-         auth,
+         authMiddleware,
          this.controller.updateChannel
       );
 
       this.router.delete(
          `${ENDPOINTS.CHANNEL.DELETE}/:id`,
-         auth,
+         authMiddleware,
          this.controller.deleteChannel
       );
 
       this.router.delete(
          ENDPOINTS.CHANNEL.DELETES,
          validate(DeleteChannelDTO, 'body'),
-         auth,
+         authMiddleware,
          this.controller.deleteMultipleChannel
       );
 
       this.router.get(
          ENDPOINTS.CHANNEL.INDEX,
          validate(PagingDTO, 'query'),
-         auth,
+         authMiddleware,
          this.controller.getAllChannels
       );
 
diff --git a/server/src/routes/setting.route.ts b/server/src/routes/setting.route.ts
diff --git a/server/src/routes/users.route.ts b/server/src/routes/users.route.ts
diff --git a/server/src/services/auth.service.ts b/server/src/services/auth.service.ts
