Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bugfix/issue 153 token revalidation #162

Closed
wants to merge 14 commits into from
Closed

Bugfix/issue 153 token revalidation #162

wants to merge 14 commits into from

Conversation

dsmabulage
Copy link
Contributor

Purpose

The purpose of this PR is to fix #153

Goals

Implement a token refresh flow to ensure continuous authentication by issuing new access tokens when the current ones expire.

Approach

  • Added logic to verify the access token and issue a new token using the refresh token when the access token is expired.
  • Implemented a method to set both the new access token and refresh token as cookies in the response.
  • Updated the authentication middleware to handle token expiration and automatically refresh tokens if a valid refresh token is provided.

Screenshots

Checklist

  • This PR doesn't commit any keys, passwords, tokens, usernames, or other secrets.
  • I have read and understood the development best practices guidelines ( http://bit.ly/sef-best-practices )
  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation

Related PRs

Test environment

Learning

@dsmabulage dsmabulage mentioned this pull request Sep 3, 2024
Closed
9 tasks
anjula-sack
anjula-sack requested changes Sep 3, 2024
View reviewed changes
src/utils.ts Outdated Show resolved Hide resolved
anjula-sack
anjula-sack requested changes Sep 15, 2024
View reviewed changes
src/controllers/auth.controller.ts Outdated Show resolved Hide resolved
anjula-sack
anjula-sack requested changes Sep 16, 2024
View reviewed changes
Copy link
Member

@anjula-sack anjula-sack left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can you resolve the conflicts @dsmabulage

@dsmabulage
Copy link
Contributor Author

can you resolve the conflicts @dsmabulage

done

@anjula-sack
Copy link
Member

After having a discussion regarding this. We decided not to implement this since we are using http only cookies already. Thank you for your contribution though.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@anjula-sack anjula-sack anjula-sack requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Implement refresh and access token system in backend
2 participants
@dsmabulage @anjula-sack