From 486d0aab41b90dc72ac291e52c7057124096b836 Mon Sep 17 00:00:00 2001
From: Valentin <valentin.henriques@etu.univ-amu.fr>
Date: Sun, 10 Dec 2023 23:47:51 +0100
Subject: [PATCH] mise en place du refresh token

---
 db/database.db                 | Bin 24576 -> 32768 bytes
 index.js                       |   3 +++
 migrations/001-db.sql          |   9 +++++++++
 src/DAO/MonkeyDbDAO.js         |  19 +++++++++++++++++++
 src/DAO/SpeciesDbDAO.js        |  16 ++++++++++++++++
 src/routes/auth/authLogin.js   |  19 ++++++++++---------
 src/routes/auth/authRefresh.js |  24 ++++++++++++++++++++++++
 7 files changed, 81 insertions(+), 9 deletions(-)
 create mode 100644 src/routes/auth/authRefresh.js

diff --git a/db/database.db b/db/database.db
index ef9e61a81ab022667b3de14a2853a19442bd0565..af371cd4f8279233c3047cf40934b337b4147fe3 100644
GIT binary patch
delta 681
zcmZoTz}V2hG(lRBnSp_Ug8>29Ch8bVGc)KFE#hThU|{EVXW)<I>*uZIdCfD0dnUL0
z#>TT;^#SZ`;@aAbktK;qIjO~kIhiG?@x`fyrKx$z=v)rxAXmo_SA`HqCm&Y@G_@Le
ziMgpd#i@mwjTLO{;+mR_&Dvlyi&E2yQj0U<OY*Z*^NLY<?9P(NMxsbgKENkmuizLO
z;_vC_9OUZj>KCHJ%cY>8pio+zS`?p|qTuNl;_B`i1Qi9FuMpxI5u)JdAEMwF>f-~I
zNv$ZzEUJu8Ni0cK2=VlF4GwYi4M11q<{#wh>F%fC?HZ{8wLnurJjm6}HOSS^*)<q!
zYq3UViY70Y=H@9ph0Ls+^$eW#8yibGIeO|C*%<_9ux^f(;$)t@Lz<U&(0N4)hgYn5
zxi%-sMjDxV_&SDFr4{5l>7^&SB~=yX8Ks-2rFxqu7Wt%Gy5;DFrR1mOS7bQ)6i51*
ixf+(5_@$c%PyXO9!o(o3S<qlM|HKLLY@mdOlM4X9J;rzd

delta 327
zcmZo@U}`wPI6+#Fg@J*AjR65zC+ZlBvoPotE#hThU|{8$!oVNN*Uwwa^O|SMW<dox
zp3PHu3Yl5CLK(P1H#T~6@pNl2vNH%yiEOM-Nt)~^AF%nh<W{E5X|kb4rUfC{Rr;Ql
z<)J1P&MBVhQJFb`mQkr86(vTIX{CXt0i|xak)COKW-dWVrr9n*c_rz|mEn^=_=~VH
z@~1NJr*0Nhh~}?vlwf3TGEc4a%1Clg&h*dp@(iu=H1x~#EcVO`GEH{&H1o_ZhzN7`
zveZkh^fF8~3aj+YDlqrV&B^x6%CAfdF3(I1cQf$J%CGRNa;)^t3N-M|axM39_R2~1
zaLn}2ay9mK@vQW7NjC8fakA7iDK88T&oVMg4ag~v&`ptv_bv2y^(Z&13=P&z^ogj-
QHqA{oO;7O;2#L%G0I$+wEC2ui

diff --git a/index.js b/index.js
index 5ef99e5..9760286 100644
--- a/index.js
+++ b/index.js
@@ -25,6 +25,8 @@ import authSignup from './src/routes/auth/authSignup.js';
 import authLogin from './src/routes/auth/authLogin.js';
 import authMiddleware from './src/routes/auth/authMiddleware.js';
 import authDisconnect from './src/routes/auth/authDisconnect.js';
+import authRefresh from './src/routes/auth/authRefresh.js';
+
 async function createDb() {
     if(fs.existsSync('./db/database.db') == false){
         const db = await open({
@@ -66,6 +68,7 @@ api.use(express.json());
 api.use('/auth/signup',authSignup);
 api.use('/auth/login',authLogin);
 api.use('/auth/disconnect', authDisconnect);
+api.use('/auth/refresh', authRefresh);
 
 api.use('/hello',authMiddleware,helloRoute);
 api.use('/monkey/deleteAll',monkeyDeletteAll);
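Review bot: The refresh endpoint ends up at `POST /auth/refresh/refresh`, because the router mounted here on `/auth/refresh` registers its own handler under `/refresh` in `src/routes/auth/authRefresh.js`. A client calling `POST /auth/refresh` falls through to Express's default 404, so the feature looks broken rather than rejected. The login router is mounted the same way but declares `router.post('/', ...)`; the refresh router should do the same: `router.post('/', (req, res) => {`.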
diff --git a/migrations/001-db.sql b/migrations/001-db.sql
index 2424d4e..ea7a174 100644
--- a/migrations/001-db.sql
+++ b/migrations/001-db.sql
@@ -31,6 +31,15 @@ CREATE TABLE invalid_token (
     token TEXT
 );
 
+CREATE TABLE refresh_tokens (
+    id INTEGER PRIMARY KEY AUTOINCREMENT,
+    user_id INTEGER,
+    token TEXT NOT NULL,
+    expiry_date TIMESTAMP NOT NULL,
+    FOREIGN KEY(user_id) REFERENCES users(id)
+);
+
+
 -- Insertion des données dans la table 'user'
 INSERT INTO user (id, username, password) VALUES
 (1, 'admin', 'admin');
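Review bot: The foreign key points at `users(id)`, but the `INSERT` just below this table writes to `user`, so the referenced table is probably misspelled: `FOREIGN KEY(user_id) REFERENCES user(id)`. SQLite only enforces foreign keys when `PRAGMA foreign_keys = ON`, so the mistake stays silent until enforcement is enabled, at which point inserts into `refresh_tokens` fail. `user_id` should also be `NOT NULL` and `token` should be `UNIQUE`, so that a row always belongs to one account and lookups by token are unambiguous. Storing a hash of the refresh token instead of the raw value would keep a leaked copy of the database from yielding usable tokens.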
diff --git a/src/DAO/MonkeyDbDAO.js b/src/DAO/MonkeyDbDAO.js
index 9b5d1e7..a0f2d22 100644
--- a/src/DAO/MonkeyDbDAO.js
+++ b/src/DAO/MonkeyDbDAO.js
@@ -21,6 +21,25 @@ class MonkeyDbDAO extends IMonkeyDAO{
             filename: './db/database.db',
             driver: sqlite3.Database
         });
+        const dataMonkey = await this.db.get('SELECT * FROM monkey WHERE id = ?', [monkey.id]);
+        if(monkey.name == null){
+            monkey.name = dataMonkey.name;
+        }
+        if(monkey.speciesId == null){
+            monkey.speciesId = dataMonkey.speciesId;
+        }
+        if(monkey.sex == null){
+            monkey.sex = dataMonkey.sex
+        }
+        if(monkey.age == null){
+            monkey.age = dataMonkey.age;
+        }
+        if(monkey.birthLoc == null){
+            monkey.birthLoc = dataMonkey.birthLoc;
+        }
+        if(monkey.liveLoc == null){
+            monkey.liveLoc = dataMonkey.liveLoc;
+        }
         await this.db.run('UPDATE monkey SET name = ?, speciesId = ?, sex=?, age = ?, birthLoc = ?, liveLoc = ? WHERE id = ?',[monkey.name, monkey.speciesId, monkey.sex, monkey.age, monkey.birthLoc, monkey.liveLoc, monkey.id]);
     }
     async delete(id){
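Review bot: `this.db.get` resolves to `undefined` when no row matches `monkey.id`, so the first `dataMonkey.name` read throws a `TypeError` instead of reporting a missing record. A guard right after the `SELECT` fixes this, for example `if (!dataMonkey) throw new Error('monkey not found');`, or return early if callers expect a silent no-op. The SpeciesDbDAO hunk has the same problem with `dataSpecies`. The fallback also writes into the caller's `monkey` object, so it would be cleaner to build the merged values in a local object, `const merged = { ...dataMonkey, ...definedFields };`. The method starts above this hunk, so the signature and the error convention should be checked there.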
diff --git a/src/DAO/SpeciesDbDAO.js b/src/DAO/SpeciesDbDAO.js
index 83db1c0..4bc5890 100644
--- a/src/DAO/SpeciesDbDAO.js
+++ b/src/DAO/SpeciesDbDAO.js
@@ -19,6 +19,22 @@ class SpeciesDbDAO extends ISpeciesDAO{
             filename: './db/database.db',
             driver: sqlite3.Database
         });
+        const dataSpecies = await this.db.get('SELECT * FROM species WHERE id = ?', [species.id]);
+        if(species.name == null){
+            species.name = dataSpecies.name;
+        }
+        if(species.habitat == null){
+            species.habitat = dataSpecies.habitat;
+        }
+        if(species.height == null){
+            species.height = dataSpecies.height;
+        }
+        if(species.weight == null){
+            species.weight = dataSpecies.weight;
+        }
+        if(species.diet == null){
+            species.diet = dataSpecies.diet;
+        }
         await this.db.run('UPDATE species SET name = ?, habitat = ?, height = ?, weight = ?, diet = ? WHERE id = ?', [species.name, species.habitat, species.height, species.weight, species.diet, species.id]);
     }
 
diff --git a/src/routes/auth/authLogin.js b/src/routes/auth/authLogin.js
index df8cc48..4c0437b 100644
--- a/src/routes/auth/authLogin.js
+++ b/src/routes/auth/authLogin.js
@@ -29,19 +29,20 @@ router.post('/', async (req, res) => {
             }
         };
 
-        jwt.sign(
-            payload,
-            process.env.JWT_SECRET,
-            { expiresIn: 3600 },
-            (err, token) => {
-                if (err) throw err;
-                res.json({ token });
-            }
-        );
+        const accessToken = jwt.sign(payload, process.env.JWT_SECRET, { expiresIn: '15m' });
+        const refreshToken = jwt.sign(payload, process.env.JWT_SECRET, { expiresIn: '7d' });
+
+        // Stockez le refresh token dans la base de données
+        //db.prepare('INSERT INTO refresh_tokens (user_id, token, expiry_date) VALUES (?, ?, datetime("now", "+7 day"))').run(user.id, refreshToken);
+
+
+        res.json({ accessToken, refreshToken });
     } catch (err) {
         console.error(err.message);
         res.status(500).send('Erreur du serveur');
     }
 });
 
+
+
 export default router;
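Review bot: The access token and the refresh token are signed from the same `payload` with the same `JWT_SECRET` and differ only in `expiresIn`. Any verifier that calls only `jwt.verify(token, process.env.JWT_SECRET)` will therefore accept the 7-day refresh token as an access token, which defeats the 15-minute lifetime. The refresh token should be marked, for example `jwt.sign(payload, process.env.JWT_SECRET, { expiresIn: '7d', audience: 'refresh' })` with `audience: 'access'` on the other one, and every `jwt.verify` call should pass the matching `audience`. The `INSERT` into `refresh_tokens` is commented out, so nothing is stored and a refresh token cannot be revoked on disconnect; it should either be wired up or the table dropped from the migration. The handler starts above this hunk, so the exact shape of `payload` is not visible here.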
diff --git a/src/routes/auth/authRefresh.js b/src/routes/auth/authRefresh.js
new file mode 100644
index 0000000..3154343
--- /dev/null
+++ b/src/routes/auth/authRefresh.js
@@ -0,0 +1,24 @@
+import express from 'express';
+import bcrypt, { compare } from 'bcrypt';
+import jwt from 'jsonwebtoken';
+import sqlite from 'better-sqlite3';
+import dotenv from 'dotenv';
+dotenv.config();
+
+const router = express.Router();
+
+router.post('/refresh', (req, res) => {
+    const refreshToken = req.body.token;
+
+    // Vérifiez si le refresh token est valide
+
+    jwt.verify(refreshToken, process.env.JWT_SECRET, (err, user) => {
+        if (err) return res.sendStatus(403);
+
+        const accessToken = jwt.sign({ id: user.id }, process.env.JWT_SECRET, { expiresIn: '15m' });
+
+        res.json({ accessToken });
+    });
+});
+
+export default router;
\ No newline at end of file
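Review bot: The handler accepts any JWT signed with `JWT_SECRET`, so a 15-minute access token can be exchanged for a new one indefinitely. Nothing consults the `refresh_tokens` or `invalid_token` tables either, so a token that was disconnected or leaked stays usable until it expires. `user.id` reads the top level of the decoded payload; if the login route nests the id under `user` (its payload literal is outside this patch), the new token is issued without an id. The sketch below pins the algorithm, requires `audience: 'refresh'` (which the login route must then set when signing), and marks where the table lookup belongs. The `bcrypt`, `compare` and `sqlite` imports are unused as written and can be dropped until the lookup is implemented.

```javascript
router.post('/refresh', (req, res) => {
    const refreshToken = req.body?.token;
    if (typeof refreshToken !== 'string') return res.sendStatus(401);

    jwt.verify(
        refreshToken,
        process.env.JWT_SECRET,
        { algorithms: ['HS256'], audience: 'refresh' },
        (err, decoded) => {
            if (err) return res.sendStatus(403);

            // … look the token up in refresh_tokens / invalid_token and reject it when revoked …

            // assumes the login payload shape { user: { id } } — confirm against authLogin.js
            const accessToken = jwt.sign(
                { user: decoded.user },
                process.env.JWT_SECRET,
                { expiresIn: '15m', audience: 'access' }
            );
            res.json({ accessToken });
        }
    );
});
```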
-- 
GitLab