deletee host
This commit is contained in:
vigdorov
@ -8,7 +8,6 @@ import * as jwt from 'jsonwebtoken';
|
||||
|
||||
interface Token {
|
||||
login: string;
|
||||
host: string;
|
||||
agent: string;
|
||||
iat: number;
|
||||
exp: number;
|
||||
@ -143,17 +142,15 @@ export class UserService {
|
||||
return bcrypt.compare(password, hash);
|
||||
}
|
||||
|
||||
generateTokens(login: string, host: string, agent: string): TokenResponse {
|
||||
generateTokens(login: string, agent: string): TokenResponse {
|
||||
const access_token = jwt.sign({
|
||||
login,
|
||||
host,
|
||||
agent,
|
||||
iat: Math.floor(Date.now() / 1000),
|
||||
exp: Math.floor(Date.now() / 1000) + (20), // секунды * минуты // выставить 60 * 2
|
||||
}, SECRET_JWT_ACCESS_KEY);
|
||||
const refresh_token = jwt.sign({
|
||||
login,
|
||||
host,
|
||||
agent,
|
||||
iat: Math.floor(Date.now() / 1000),
|
||||
exp: Math.floor(Date.now() / 1000) + (60 * 5), // секунды * минуты * часы * дни // потом выставить 60 * 60 * 24 * 1
|
||||
@ -164,10 +161,10 @@ export class UserService {
|
||||
};
|
||||
}
|
||||
|
||||
async authUser(login: string, password: string, host: string, agent: string): Promise<TokenResponse> {
|
||||
async authUser(login: string, password: string, agent: string): Promise<TokenResponse> {
|
||||
const searchUser = await this.findUser(login);
|
||||
if (searchUser && await this.checkPassword(password, searchUser.password)) {
|
||||
return this.generateTokens(login, host, agent);
|
||||
return this.generateTokens(login, agent);
|
||||
}
|
||||
|
||||
throw new BadRequestException('Не верный логин или пароль');
|
||||
@ -181,21 +178,21 @@ export class UserService {
|
||||
}
|
||||
}
|
||||
|
||||
checkToken(token: Token, host: string, agent: string): boolean {
|
||||
return token.host === host && token.agent === agent;
|
||||
checkToken(token: Token, agent: string): boolean {
|
||||
return token.agent === agent;
|
||||
}
|
||||
|
||||
async refreshAuth(refresh_token: string, host: string, agent: string): Promise<TokenResponse> {
|
||||
async refreshAuth(refresh_token: string, agent: string): Promise<TokenResponse> {
|
||||
this.verifyToken(refresh_token, SECRET_JWT_REFRESH_KEY);
|
||||
const token = jwt.decode(refresh_token) as Token;
|
||||
const searchUser = await this.findUser(token.login);
|
||||
if (searchUser && this.checkToken(token, host, agent)) {
|
||||
return this.generateTokens(token.login, host, agent);
|
||||
if (searchUser && this.checkToken(token, agent)) {
|
||||
return this.generateTokens(token.login, agent);
|
||||
}
|
||||
throw new BadRequestException('Unauthorized request');
|
||||
}
|
||||
|
||||
async checkAccessToken(access_token: string, host: string, agent: string): Promise<boolean> {
|
||||
async checkAccessToken(access_token: string, agent: string): Promise<boolean> {
|
||||
try {
|
||||
this.verifyToken(access_token, SECRET_JWT_ACCESS_KEY);
|
||||
} catch (e) {
|
||||
@ -204,6 +201,6 @@ export class UserService {
|
||||
|
||||
const token = jwt.decode(access_token) as Token;
|
||||
const searchUser = await this.findUser(token.login);
|
||||
return searchUser && this.checkToken(token, host, agent);
|
||||
return searchUser && this.checkToken(token, agent);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user