mise en place du refresh token

486d0aab · HENRIQUES Valentin · 5307b1d5 · 486d0aab · 486d0aab · 486d0aab
Commit 486d0aab authored 1 year ago by HENRIQUES Valentin
--- a/db/database.db
+++ b/db/database.db
--- a/index.js
+++ b/index.js
@@ -25,6 +25,8 @@ import authSignup from './src/routes/auth/authSignup.js';
 import authLogin from './src/routes/auth/authLogin.js';
 import authMiddleware from './src/routes/auth/authMiddleware.js';
 import authDisconnect from './src/routes/auth/authDisconnect.js';
+import authRefresh from './src/routes/auth/authRefresh.js';
+
 async function createDb() {
    if(fs.existsSync('./db/database.db') == false){
        const db = await open({
@@ -66,6 +68,7 @@ api.use(express.json());
 api.use('/auth/signup',authSignup);
 api.use('/auth/login',authLogin);
 api.use('/auth/disconnect', authDisconnect);
+api.use('/auth/refresh', authRefresh);

 api.use('/hello',authMiddleware,helloRoute);
 api.use('/monkey/deleteAll',monkeyDeletteAll);

--- a/migrations/001-db.sql
+++ b/migrations/001-db.sql
@@ -31,6 +31,15 @@ CREATE TABLE invalid_token (
    token TEXT
 );

+CREATE TABLE refresh_tokens (
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
+    user_id INTEGER,
+    token TEXT NOT NULL,
+    expiry_date TIMESTAMP NOT NULL,
+    FOREIGN KEY(user_id) REFERENCES users(id)
+);
+
+
 -- Insertion des données dans la table 'user'
 INSERT INTO user (id, username, password) VALUES
 (1, 'admin', 'admin');

--- a/src/DAO/MonkeyDbDAO.js
+++ b/src/DAO/MonkeyDbDAO.js
@@ -21,6 +21,25 @@ class MonkeyDbDAO extends IMonkeyDAO{
            filename: './db/database.db',
            driver: sqlite3.Database
        });
+        const dataMonkey = await this.db.get('SELECT * FROM monkey WHERE id = ?', [monkey.id]);
+        if(monkey.name == null){
+            monkey.name = dataMonkey.name;
+        }
+        if(monkey.speciesId == null){
+            monkey.speciesId = dataMonkey.speciesId;
+        }
+        if(monkey.sex == null){
+            monkey.sex = dataMonkey.sex
+        }
+        if(monkey.age == null){
+            monkey.age = dataMonkey.age;
+        }
+        if(monkey.birthLoc == null){
+            monkey.birthLoc = dataMonkey.birthLoc;
+        }
+        if(monkey.liveLoc == null){
+            monkey.liveLoc = dataMonkey.liveLoc;
+        }
        await this.db.run('UPDATE monkey SET name = ?, speciesId = ?, sex=?, age = ?, birthLoc = ?, liveLoc = ? WHERE id = ?',[monkey.name, monkey.speciesId, monkey.sex, monkey.age, monkey.birthLoc, monkey.liveLoc, monkey.id]);
    }
    async delete(id){

--- a/src/DAO/SpeciesDbDAO.js
+++ b/src/DAO/SpeciesDbDAO.js
@@ -19,6 +19,22 @@ class SpeciesDbDAO extends ISpeciesDAO{
            filename: './db/database.db',
            driver: sqlite3.Database
        });
+        const dataSpecies = await this.db.get('SELECT * FROM species WHERE id = ?', [species.id]);
+        if(species.name == null){
+            species.name = dataSpecies.name;
+        }
+        if(species.habitat == null){
+            species.habitat = dataSpecies.habitat;
+        }
+        if(species.height == null){
+            species.height = dataSpecies.height;
+        }
+        if(species.weight == null){
+            species.weight = dataSpecies.weight;
+        }
+        if(species.diet == null){
+            species.diet = dataSpecies.diet;
+        }
        await this.db.run('UPDATE species SET name = ?, habitat = ?, height = ?, weight = ?, diet = ? WHERE id = ?', [species.name, species.habitat, species.height, species.weight, species.diet, species.id]);
    }


--- a/src/routes/auth/authLogin.js
+++ b/src/routes/auth/authLogin.js
@@ -29,19 +29,20 @@ router.post('/', async (req, res) => {
            }
        };

-        jwt.sign(
-            payload,
-            process.env.JWT_SECRET,
-            { expiresIn: 3600 },
-            (err, token) => {
-                if (err) throw err;
-                res.json({ token });
-            }
-        );
+        const accessToken = jwt.sign(payload, process.env.JWT_SECRET, { expiresIn: '15m' });
+        const refreshToken = jwt.sign(payload, process.env.JWT_SECRET, { expiresIn: '7d' });
+
+        // Stockez le refresh token dans la base de données
+        //db.prepare('INSERT INTO refresh_tokens (user_id, token, expiry_date) VALUES (?, ?, datetime("now", "+7 day"))').run(user.id, refreshToken);
+
+
+        res.json({ accessToken, refreshToken });
    } catch (err) {
        console.error(err.message);
        res.status(500).send('Erreur du serveur');
    }
 });

+
+
 export default router;
--- a/src/routes/auth/authRefresh.js
+++ b/src/routes/auth/authRefresh.js
+import express from 'express';
+import bcrypt, { compare } from 'bcrypt';
+import jwt from 'jsonwebtoken';
+import sqlite from 'better-sqlite3';
+import dotenv from 'dotenv';
+dotenv.config();
+
+const router = express.Router();
+
+router.post('/refresh', (req, res) => {
+    const refreshToken = req.body.token;
+
+    // Vérifiez si le refresh token est valide
+
+    jwt.verify(refreshToken, process.env.JWT_SECRET, (err, user) => {
+        if (err) return res.sendStatus(403);
+
+        const accessToken = jwt.sign({ id: user.id }, process.env.JWT_SECRET, { expiresIn: '15m' });
+
+        res.json({ accessToken });
+    });
+});
+
+export default router;
\ No newline at end of file